Use the threat intelligence API to create custom alerts

Applies to:

  • Windows Defender Advanced Threat Protection (Windows Defender ATP)

Want to experience Windows Defender ATP? Sign up for a free trial.

Understand threat intelligence concepts, then enable the custom threat intelligence application so that you can proceed to create custom threat intelligence alerts that are specific to your organization.

You can use the code examples to guide you in creating calls to the custom threat intelligence API.

In this section

Topic Description
Understand threat intelligence concepts Understand the concepts around threat intelligence so that you can effectively create custom intelligence for your organization.
Enable the custom threat intelligence application Set up the custom threat intelligence application through Windows Defender Security Center so that you can create custom threat intelligence (TI) using REST API.
Create custom threat intelligence alerts Create custom threat intelligence alerts so that you can generate specific alerts that are applicable to your organization.
PowerShell code examples Use the PowerShell code examples to guide you in using the custom threat intelligence API.
Python code examples Use the Python code examples to guide you in using the custom threat intelligence API.
Experiment with custom threat intelligence alerts This article demonstrates an end-to-end usage of the threat intelligence API to get you started in using the threat intelligence API.
Troubleshoot custom threat intelligence issues Learn how to address possible issues you might encounter while using the threat intelligence API.