Hello Everyone,
I hope this message finds you well. I have a question regarding Microsoft 365 Defender's Threat Analytics Report and its associated capabilities for retrieving threat information.
In the context of Microsoft 365 Defender, I'm interested in two specific aspects:
1. Retrieving Threat Tags Count: I'm looking for a way to programmatically fetch the counts of different threat tags, such as Ransomware, Vulnerability, Phishing, and more, from the Threat Analytics Report. Despite my efforts to search through the documentation and explore various resources, I haven't been able to locate a dedicated API or PowerShell command to achieve this. Could someone please provide insights on how to gather this data efficiently?
2. Fetching All Threats: Additionally, I'm interested in understanding whether there is an API or PowerShell command that allows me to retrieve a comprehensive list of all the threats within my Microsoft 365 tenant. This would greatly assist in our ongoing security analysis and response efforts. Any guidance on this matter would be highly appreciated.
If any members of the forum have experience working with Microsoft 365 Defender's APIs or PowerShell commands and possess knowledge about retrieving threat information, I would be extremely grateful for your input. Whether it's a known method, a workaround, or any other relevant information, your expertise could be instrumental in solving these challenges.
For more information, please refer below link:
https://learn.microsoft.com/en-us/answers/questions/1323844/fetching-ransomware-phishing-and-vulnerability-det
Your assistance is highly appreciated!
Thank you.