Skip to content

Guides

/

Connectors

/

/

EDR Connector: Accessed Provider APIs
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

The following APIs are accessed by the EDR connector.

Microsoft Defender

Synqly API	Provider API
DELETE /v1/edr/iocs	POST /api/indicators/batchdelete
GET /v1/edr/alerts	GET /api/alerts
GET /v1/edr/endpoints	GET /api/machines
GET /v1/edr/iocs	GET /api/indicators
GET /v1/edr/posture_score	GET /api/machines
GET /v1/edr/threats	GET /api/incidents
POST /v1/edr/iocs	POST /api/indicators

Tanium EDR

Synqly API	Provider API
GET /v1/edr/alerts	GET /plugin/products/threat-response/api/v1/alerts
GET /v1/edr/applications	POST /plugin/products/gateway/graphql
GET /v1/edr/endpoints	POST /plugin/products/gateway/graphql
GET /v1/edr/posture_score	POST /plugin/products/gateway/graphql

SentinelOne Endpoint

Synqly API	Provider API
DELETE /v1/edr/iocs	DELETE /web/api/v2.1/threat-intelligence/iocs GET /web/api/v2.1/threat-intelligence/iocs
GET /v1/edr/alerts	GET /web/api/v2.1/cloud-detection/alerts
GET /v1/edr/applications	GET /web/api/v2.1/application-management/inventory
GET /v1/edr/edr_events	POST /api/query
GET /v1/edr/endpoints	GET /web/api/v2.1/agents
GET /v1/edr/iocs	GET /web/api/v2.1/threat-intelligence/iocs
GET /v1/edr/threats	GET /web/api/v2.1/threats
POST /v1/edr/iocs	POST /web/api/v2.1/threat-intelligence/iocs

Previous page

Next page