From ee87de19b0bd2c72205a3ee7c473c4cd810e032d Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:18:37 -0800 Subject: [PATCH] Added MDATP API video ref --- .../microsoft-defender-atp/management-apis.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index f42404e0ac..e25d5e8634 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -54,6 +54,9 @@ The Microsoft Defender ATP APIs can be grouped into three: Microsoft Defender ATP offers a layered API model exposing data and capabilities in a structured, clear and easy to use model, exposed through a standard Azure AD-based authentication and authorization model allowing access in context of users or SaaS applications. The API model was designed to expose entities and capabilities in a consistent form. +Watch this video for a quick overview of Microsoft Defender ATP's APIs. +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] + The **Investigation API** exposes the richness of Microsoft Defender ATP - exposing calculated or 'profiled' entities (for example, machine, user, and file) and discrete events (for example, process creation and file creation) which typically describes a behavior related to an entity, enabling access to data via investigation interfaces allowing a query-based access to data. For more information see, [Supported APIs](exposed-apis-list.md). The **Response API** exposes the ability to take actions in the service and on devices, enabling customers to ingest indicators, manage settings, alert status, as well as take response actions on devices programmatically such as isolate machines from the network, quarantine files, and others.