EDR Connector: Accessed Provider APIs
The following APIs are accessed by the EDR connector.
Defender EDR
| Synqly API | Provider API |
|---|---|
| DELETE /v1/edr/iocs | POST /api/indicators/batchdelete |
| POST /v1/edr/iocs | POST /api/indicators |
CrowdStrike EDR
| Synqly API | Provider API |
|---|---|
| GET /v1/edr/alerts | GET /alerts/queries/alerts/{item} POST /alerts/entities/alerts/{item} |
| GET /v1/edr/endpoints | GET /devices/queries/devices/{item} GET /devices/entities/devices/{item} |
| GET /v1/edr/endpoints/{id} | GET /devices/queries/devices/{item} GET /devices/entities/devices/{item} |
| POST /v1/edr/endpoints/actions/quarantine | POST /devices/entities/devices-actions/{item} |