Edit

Share via


Cloud discovery API

Cloud discovery APIs allow developers to automate log uploads, list and interact with discovered apps, and generate block scripts for enforcement by a firewall or a Security Web Gateway.

Automate log updates

Cloud discovery APIs for automating log uploads enable you to upload files generated by your firewall or Security Web Gateway to find Shadow IT in your cloud environment and list discovered cloud apps.

Use the cloud discovery API to automate the uploading of your company's discovery log files. The file upload process consists of the following 3 API endpoints which must be called consecutively.

List continuous reports and categories

As part of its cloud discovery solution, Defender for Cloud Apps uses continuous reports. These reports represent an automatic log upload from a specific data source (such as your Microsoft Defender for Endpoint devices). Each continuous report contains the following:

  • Discovered apps: All apps found in the specified continuous report
  • Categories: All app categories associated with the specified continuous report

You can use the following API endpoints to work with continuous reports.

Blocking unsanctioned applications using a firewall or Security Web Gateway

Defender for Cloud Apps enables you to block access to unsanctioned apps by using your existing on-premises security appliances. Use the Generate block script call to get a dedicated block script and import it to your appliance.

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.