From 327fc6b41a60c5d0179b0a437b45b5b1f65b4211 Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 9 Jul 2020 16:26:11 +0300
Subject: [PATCH] 1

---
 windows/security/threat-protection/TOC.md     |   1 +
 .../get-all-vulnerabilities-by-machines.md    | 104 ++++++++++++++++++
 2 files changed, 105 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index c5bd8c7fbb..666cf8cb70 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -570,6 +570,7 @@
 ###### [Vulnerability]()
 ####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md)
 ####### [List vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md)
+####### [List vulnerabilities by Machine and Software](microsoft-defender-atp/get-all-vulnerabilities-by-machines.md)
 ####### [Get vulnerability by Id](microsoft-defender-atp/get-vulnerability-by-id.md)
 ####### [List machines by vulnerability](microsoft-defender-atp/get-machines-by-vulnerability.md)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
new file mode 100644
index 0000000000..4234c36d32
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
@@ -0,0 +1,104 @@
+---
+title: Get all vulnerabilities by Machine and Software
+description: Retrieves a list of all the vulnerabilities affecting the organization by Machine and Software
+keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# List vulnerabilities by Machine and Software
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Retrieves a list of all the vulnerabilities affecting the organization per [Machine](machine.md) and [Software](software.md).
+<br>If the vulnerability has a fixing KB, it will appear in the response.
+<br>Supports [OData V4 queries](https://www.odata.org/documentation/).
+<br>The OData ```$filter``` is supported on all properties.
+
+>[!Tip]
+>This is great API for [Power BI](api-power-bi.md) integration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
+
+Permission type |	Permission	|	Permission display name
+:---|:---|:---
+Application |	Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
+Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
+
+## HTTP request
+```
+GET /api/vulnerabilities/machinesVulnerabilities
+```
+
+## Request headers
+
+Name | Type | Description
+:---|:---|:---
+Authorization | String | Bearer {token}. **Required**.
+
+
+## Request body
+Empty
+
+## Response
+If successful, this method returns 200 OK with the list of vulnerabilities in the body.
+
+
+## Example
+
+**Request**
+
+Here is an example of the request.
+
+```
+GET https://api.securitycenter.windows.com/api/vulnerabilities/machinesVulnerabilities
+```
+
+**Response**
+
+Here is an example of the response.
+
+
+```json
+{
+    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Collection(microsoft.windowsDefenderATP.api.PublicAssetVulnerabilityDto)",
+    "value": [
+        {
+            "id": "5afa3afc92a7c63d4b70129e0a6f33f63a427e21-_-CVE-2020-6494-_-microsoft-_-edge_chromium-based-_-81.0.416.77-_-",
+            "cveId": "CVE-2020-6494",
+            "machineId": "5afa3afc92a7c63d4b70129e0a6f33f63a427e21",
+            "fixingKbId": null,
+            "productName": "edge_chromium-based",
+            "productVendor": "microsoft",
+            "productVersion": "81.0.416.77",
+            "severity": "Low"
+        },
+        {
+            "id": "7a704e17d1c2977c0e7b665fb18ae6e1fe7f3283-_-CVE-2016-3348-_-microsoft-_-windows_server_2012_r2-_-6.3.9600.19728-_-3185911",
+            "cveId": "CVE-2016-3348",
+            "machineId": "7a704e17d1c2977c0e7b665fb18ae6e1fe7f3283",
+            "fixingKbId": "3185911",
+            "productName": "windows_server_2012_r2",
+            "productVendor": "microsoft",
+            "productVersion": "6.3.9600.19728",
+            "severity": "Low"
+        },
+		...
+    ]
+
+}
+```
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
+- [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)