Hi team,
After logging in to "https://security.microsoft.com/security-recommendations" to know the recommendations, we could see the "Vulnerable Files" from the respective recommendation (Update Apache log4j).
we do have an option to "Export" the list of vulnerable files. 
Is there any way that we can programatically export this from API/Powershell?. I would need to add this info into PowerBI report and looking for a way to do it.
Apologies for the delay in answering this post. As I understand you are checking if there is a way to export (Vulnerable files) programmatically via API.
Refer to this article https://docs.microsoft.com/en-us/azure/defender-for-cloud/continuous-export?tabs=rest-api#:~:text=Configure%20continuous%20export%20using%20the%20REST%20API which talks about Configure continuous export using the REST API to any of the following destinations
Azure Event Hub
Log Analytics workspace
Azure Logic Apps
Reference:
https://docs.microsoft.com/en-us/rest/api/securitycenter/automations
https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/exporting-vulnerability-assessment-results-in-microsoft-defender/ba-p/1212091
https://charbelnemnom.com/automate-and-enable-continuous-export-for-azure-security-center-with-azure-policy/
Let me know if you have any questions.
7 people are following this question.
