microsoft / MicrosoftDefenderForEndpoint-API-PowerShell

This project contains samples showing how to use the MDATP API for integration with other systems and products.

page_type: sample
languages: powershell
products: mdatp
description: Repository for PowerShell scripts using Microsoft Defender ATP public API

Microsoft Defender ATP PowerShell API samples

Welcome to the repository for PowerShell scripts using the Microsoft Defender public API! This repository is a starting point for all Microsoft Defender users to share content and sample PowerShell code that uses the Microsoft Defender API to enhance and automate your security.

Here are a few examples we published:

  1. "Hello World" - Pull alerts from Microsoft Defender ATP using API

  2. Get Indicators of Attack (IoC) from MISP to Microsoft Defender ATP (Code)

  3. Automate Microsoft Defender ATP response - Isolate machine

  4. Ticketing system integration – Alert update API

Share your work

We welcome you to share and contribute. Check out the guide in the CONTRIBUTING.md file.

API documentation

For more information on our available APIs, see our API documentation.

Additional Microsoft Defender ATP repositories

We have more repositories for different use cases, and we invite you to explore and contribute.

License: MIT License