Beth Levin
2020-03-24 12:01:03 -07:00
parent 1b1d5331bb
commit 76857325a2
5 changed files with 195 additions and 13 deletions

@ -0,0 +1,86 @@
---
title: Get missing KBs
description: Retrieves a list of software inventory
keywords: apis, graph api, supported apis, get, list, file, information, software inventory, threat & vulnerability management api, mdatp tvm api
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: dolmont
author: DulceMontemayor
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
---
# Get missing KBs
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
Retrieves missing KBs by machine Id
## HTTP request
```
GET /api/machines/{machineId}/getmissingkbs
```
## Request header
Name | Type | Description
:---|:---|:---
Authorization | String | Bearer {token}. **Required**.
## Request body
Empty
## Response
If successful, this method returns 200 OK, with the specified machine missing kb data in the body.
## Example
### Request
Here is an example of the request.
```
GET https://api.securitycenter.windows.com/api/machines/2339ad14a01bd0299afb93dfa2550136057bff96/getmissingkbs
```
### Response
Here is an example of the response.
```json
{
"@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Collection(microsoft.windowsDefenderATP.api.PublicProductFixDto)",
"value": [
{
"id": "4540673",
"name": "March 2020 Security Updates",
"productsNames": [
"windows_10",
"edge",
"internet_explorer"
],
"url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4540673",
"machineMissedOn": 1,
"cveAddressed": 97
},
...
]
}
```
## Related topics
- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
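Review bot: The new machine page has no `## Permissions` section between the summary line "Retrieves missing KBs by machine Id" and `## HTTP request`, while the software page added in the same commit has one. Add the permission table for `GET /api/machines/{machineId}/getmissingkbs` so callers know which scope the bearer token must carry. The front matter line `description: Retrieves a list of software inventory` also does not describe this endpoint, and the example request goes to api.securitycenter.windows.com while the `@odata.context` in the example response shows api.securitycenter.microsoft.com; use one host in both.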

@ -0,0 +1,93 @@
---
title: Get missing KBs
description: Retrieves a list of software inventory
keywords: apis, graph api, supported apis, get, list, file, information, software inventory, threat & vulnerability management api, mdatp tvm api
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: dolmont
author: DulceMontemayor
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
---
# Get missing KBs
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
Retrieves missing KBs by software Id
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
Permission type | Permission | Permission display name
:---|:---|:---
Application |Software.Read.All | 'Read Threat and Vulnerability Management Software information'
Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
## HTTP request
```
GET /api/Software/{Id}/getmissingkbs
```
## Request header
Name | Type | Description
:---|:---|:---
Authorization | String | Bearer {token}. **Required**.
## Request body
Empty
## Response
If successful, this method returns 200 OK, with the specified software missing kb data in the body.
## Example
### Request
Here is an example of the request.
```
GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/getmissingkbs
```
### Response
Here is an example of the response.
```json
{
"@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Collection(microsoft.windowsDefenderATP.api.PublicProductFixDto)",
"value": [
{
"id": "4540673",
"name": "March 2020 Security Updates",
"productsNames": [
"edge"
],
"url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4540673",
"machineMissedOn": 240,
"cveAddressed": 14
},
...
]
}
```
## Related topics
- [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
- [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
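Review bot: The front matter and H1 of this file are identical to the machine page (`title: Get missing KBs`, `description: Retrieves a list of software inventory`, `# Get missing KBs`), so the two pages cannot be told apart by title. Suggest a title along the lines of "Get missing KBs by software ID" and a description that matches the summary line "Retrieves missing KBs by software Id". In the Permissions paragraph, "To learn more, ... see [Use Microsoft Defender ATP APIs](apis-intro.md) for details" is redundant; drop "for details".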

@ -25,6 +25,7 @@ ms.topic: article
[!include[Prerelease information](../../includes/prerelease.md)] [!include[Prerelease information](../../includes/prerelease.md)]
## Methods ## Methods
Method|Return Type |Description Method|Return Type |Description
:---|:---|:--- :---|:---|:---
[List machines](get-machines.md) | [machine](machine.md) collection | List set of [machine](machine.md) entities in the org. [List machines](get-machines.md) | [machine](machine.md) collection | List set of [machine](machine.md) entities in the org.
@ -36,8 +37,10 @@ Method|Return Type |Description
[Get security recommendations](get-security-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a collection of security recommendations related to a given machine ID. [Get security recommendations](get-security-recommendations.md) | [recommendation](recommendation.md) collection | Retrieves a collection of security recommendations related to a given machine ID.
[Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine. [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
[Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP. [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
[Get missing KBs](get-missing-kbs-machine.md) | KB collection | Get a list of missing KBs associated with the machine ID
## Properties ## Properties
Property | Type | Description Property | Type | Description
:---|:---|:--- :---|:---|:---
id | String | [machine](machine.md) identity. id | String | [machine](machine.md) identity.
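Review bot: The added "Get missing KBs" row gives its return type as plain "KB collection", whereas the visible rows in this Methods table link their return type to an entity page, and the example response in the new page is typed `Collection(microsoft.windowsDefenderATP.api.PublicProductFixDto)`. Either link to a page that documents the returned fields (id, name, productsNames, url, machineMissedOn, cveAddressed) or name the type consistently with the response. The description is also missing the terminal period that the rows above it have.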

@ -25,6 +25,7 @@ ms.topic: article
[!include[Prerelease information](../../includes/prerelease.md)] [!include[Prerelease information](../../includes/prerelease.md)]
## Methods ## Methods
Method |Return Type |Description Method |Return Type |Description
:---|:---|:--- :---|:---|:---
[List software](get-software.md) | Software collection | List the organizational software inventory. [List software](get-software.md) | Software collection | List the organizational software inventory.
@ -32,8 +33,10 @@ Method |Return Type |Description
[List software version distribution](get-software-ver-distribution.md)| Distribution collection | List software version distribution by software ID. [List software version distribution](get-software-ver-distribution.md)| Distribution collection | List software version distribution by software ID.
[List machines by software](get-machines-by-software.md)| MachineRef collection | Retrieve a list of machines that are associated with the software ID. [List machines by software](get-machines-by-software.md)| MachineRef collection | Retrieve a list of machines that are associated with the software ID.
[List vulnerabilities by software](get-vuln-by-software.md) | [Vulnerability](vulnerability.md) collection | Retrieve a list of vulnerabilities associated with the software ID. [List vulnerabilities by software](get-vuln-by-software.md) | [Vulnerability](vulnerability.md) collection | Retrieve a list of vulnerabilities associated with the software ID.
[Get missing KBs](get-missing-kbs-software.md) | KB collection | Get a list of missing KBs associated with the software ID
## Properties ## Properties
Property | Type | Description Property | Type | Description
:---|:---|:--- :---|:---|:---
id | String | Software ID id | String | Software ID
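Review bot: The description in the added row, "Get a list of missing KBs associated with the software ID", has no terminal period, unlike the three rows above it, and opens with "Get" where the neighbouring rows use "List" or "Retrieve". Suggest "Retrieve a list of missing KBs associated with the software ID." to match the table.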
@ -44,4 +47,3 @@ publicExploit | Boolean | Public exploit exists for some of the vulnerabilities
activeAlert | Boolean | Active alert is associated with this software activeAlert | Boolean | Active alert is associated with this software
exposedMachines | Long | Number of exposed machines exposedMachines | Long | Number of exposed machines
impactScore | Double | Exposure score impact of this software impactScore | Double | Exposure score impact of this software

@ -30,17 +30,15 @@ After your organization's cybersecurity weaknesses are identified and mapped to
Lower your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. Lower your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
## Remediation
## How remediation requests work ## How remediation requests work
When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. A security task is created which will be tracked in the Threat & Vulnerability Management **Remediation** page, and a remediation ticket is created in Microsoft Intune. When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. A security task is created which will be tracked in the Threat & Vulnerability Management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
The dashboard will show the status of your top remediation activities. Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task. The dashboard will show the status of your top remediation activities. Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task.
## Accessing the Remediation page ## Accessing the remediation page
You can access the Remediation page in a few places in the portal: You can access the remediation page in a few places in the portal:
- Security recommendations flyout panel - Security recommendations flyout panel
- Navigation menu - Navigation menu
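Review bot: Lowercasing to "remediation page" in the heading and in "You can access the remediation page in a few places in the portal:" makes the page inconsistent, because the unchanged paragraphs just above still write the same UI element as the **Remediation** page (bold, capitalized). Keep the UI name capitalized in the sentence, or change every occurrence together.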
@ -70,7 +68,7 @@ If you want to check how the ticket shows up in Intune, see [Use Intune to remed
2. Select the remediation activity that you want to view. 2. Select the remediation activity that you want to view.
![Screenshot of the remediation page flyout for a software which reached end-of-support](images/remediation_flyouteolsw.png) ![Screenshot of the remediation page flyout for a software which reached end-of-support](images/remediation_flyouteolsw.png)
### Top remediation activities card the dashboard ### Top remediation activities in the dashboard
1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** card. The list is sorted and prioritized based on what is listed in the **Top security recommendations**. 1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** card. The list is sorted and prioritized based on what is listed in the **Top security recommendations**.
2. Select the remediation activity that you want to view. 2. Select the remediation activity that you want to view.