Windows Defender (Security center API) - Vulnerable files export from recommendations(log4j) to Power BI

SMEExpert 1 Reputation point
2022-04-08T07:36:19.663+00:00

Hi team,

After logging in to "https://security.microsoft.com/security-recommendations" to know the recommendations, we could see the "Vulnerable Files" from the respective recommendation (Update Apache log4j).

we do have an option to "Export" the list of vulnerable files. 191196-image.png

Is there any way that we can programatically export this from API/Powershell?. I would need to add this info into PowerBI report and looking for a way to do it.

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
37,055 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,235 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 29,351 Reputation points Microsoft Employee
    2022-04-13T08:01:01.023+00:00

    @SMEExpert

    Apologies for the delay in answering this post. As I understand you are checking if there is a way to export (Vulnerable files) programmatically via API.

    Refer to this article https://learn.microsoft.com/en-us/azure/defender-for-cloud/continuous-export?tabs=rest-api#:~:text=Configure%20continuous%20export%20using%20the%20REST%20API which talks about Configure continuous export using the REST API to any of the following destinations

    Azure Event Hub
    Log Analytics workspace
    Azure Logic Apps

    Reference:
    https://learn.microsoft.com/en-us/rest/api/securitycenter/automations
    https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/exporting-vulnerability-assessment-results-in-microsoft-defender/ba-p/1212091
    https://charbelnemnom.com/automate-and-enable-continuous-export-for-azure-security-center-with-azure-policy/

    Let me know if you have any questions.

    0 comments No comments