Windows Defender (Security center API) - Vulnerable files export from recommendations(log4j) to Power BI

Dinesh Sundaram 1 Reputation point
2022-04-08T07:36:19.663+00:00

Hi team,

After logging in to "https://security.microsoft.com/security-recommendations" to know the recommendations, we could see the "Vulnerable Files" from the respective recommendation (Update Apache log4j).

we do have an option to "Export" the list of vulnerable files. 191196-image.png

Is there any way that we can programatically export this from API/Powershell?. I would need to add this info into PowerBI report and looking for a way to do it.

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Community Center | Not monitored
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 35,626 Reputation points Microsoft Employee Moderator
    2022-04-13T08:01:01.023+00:00

    @Dinesh Sundaram

    Apologies for the delay in answering this post. As I understand you are checking if there is a way to export (Vulnerable files) programmatically via API.

    Refer to this article https://learn.microsoft.com/en-us/azure/defender-for-cloud/continuous-export?tabs=rest-api#:~:text=Configure%20continuous%20export%20using%20the%20REST%20API which talks about Configure continuous export using the REST API to any of the following destinations

    Azure Event Hub
    Log Analytics workspace
    Azure Logic Apps

    Reference:
    https://learn.microsoft.com/en-us/rest/api/securitycenter/automations
    https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/exporting-vulnerability-assessment-results-in-microsoft-defender/ba-p/1212091
    https://charbelnemnom.com/automate-and-enable-continuous-export-for-azure-security-center-with-azure-policy/

    Let me know if you have any questions.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.