CrowdStrike Falcon® Insight EDR

| Operation | Provider Endpoints |
| --- | --- |
| Create IOCs | POST /iocs/entities/indicators/v1 |
| Delete IOCs | DELETE /iocs/entities/indicators/v1 |
| Get Endpoint | GET /devices/entities/devices/v2; GET /devices/queries/devices/v1 |
| Quarantine Endpoints | POST /devices/entities/devices-actions/v2 |
| Query Applications | GET /discover/entities/applications/v1; GET /discover/queries/applications/v1 |
| Query EDR Events | GET /alerts/queries/alerts/v2; POST /alerts/entities/alerts/v2 |
| Query Endpoints | GET /devices/entities/devices/v2; GET /devices/queries/devices/v1 |
| Query IOCs | GET /iocs/entities/indicators/v1; GET /iocs/queries/indicators/v1 |
| Query Posture Score | GET /devices/entities/devices/v2; GET /devices/queries/devices/v1; GET /zero-trust-assessment/entities/assessments/v1; GET /zero-trust-assessment/queries/assessments/v1 |
| Query Threat Events | GET /alerts/queries/alerts/v2; POST /alerts/entities/alerts/v2 |

Microsoft Defender for Endpoint

| Operation | Provider Endpoints |
| --- | --- |
| Create IOCs | POST /api/indicators |
| Delete IOCs | POST /api/indicators/batchdelete |
| Query Alerts | GET /api/alerts |
| Query Endpoints | GET /api/machines |
| Query IOCs | GET /api/indicators |
| Query Posture Score | GET /api/machines |
| Query Threat Events | GET /api/incidents |

SentinelOne Singularity™ Endpoint

| Operation | Provider Endpoints |
| --- | --- |
| Create IOCs | POST /web/api/v2.1/threat-intelligence/iocs |
| Delete IOCs | DELETE /web/api/v2.1/threat-intelligence/iocs |
| Query Alerts | GET /web/api/v2.1/cloud-detection/alerts |
| Query Applications | GET /web/api/v2.1/application-management/inventory |
| Query EDR Events | POST /api/query |
| Query Endpoints | GET /web/api/v2.1/agents |
| Query IOCs | GET /web/api/v2.1/threat-intelligence/iocs |
| Query Threat Events | GET /web/api/v2.1/threats |

Tanium EDR

| Operation | Provider Endpoints |
| --- | --- |
| Query Alerts | GET /plugin/products/threat-response/api/v1/alerts |
| Query Applications | POST /plugin/products/gateway/graphql |
| Query Endpoints | POST /plugin/products/gateway/graphql |
| Query Posture Score | POST /plugin/products/gateway/graphql |