This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
We know customers have been leveraging Microsoft Defender Vulnerability Management API to create custom reports and dashboards which provide security teams and stakeholders meaningful insights about the organization’s security posture. Microsoft Defender Vulnerability Management API has typically provided data for devices that have been onboarded to Microsoft Defender for Endpoint, as the vulnerability management export APIs pull data on a per-device basis. The file exports had only included onboarded devices and the existing ‘IsOnboarded’ field in the export was always set to ‘True’.
In the coming weeks, we will be updating the Microsoft Defender Vulnerability Management API to return data on devices that have not yet been onboarded to Microsoft Defender for Endpoint. This update will provide organizations with more information about devices, allowing ability to create more detailed reports to better monitor the devices and risks in your organization. This will apply to vulnerability management API exports done via files. The API file export will be updated to also return data on devices that are not yet onboarded to Microsoft Defender for Endpoint.
As a result, the additional data may result in much larger export files for the vulnerability management APIs due to inclusion of both onboarded and not yet onboarded devices.
While there is no action needed to prepare for this change, the amount of data exported may now be significantly larger so you may choose to apply a filter to control what is exported within your data export tools.
We hope you find value from this API update in Microsoft Defender Vulnerability Management.
___
If you’re interested in learning more about Microsoft Defender Vulnerability Management visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.