PSMDE - Visorian/PSMDE GitHub Wiki


Module Name: PSMDE
Module Guid: 5fef5bda-5b7b-4eff-a0aa-5e5cd85dc452
Download Help Link: https://psmdehelpfiles.blob.core.windows.net/help/PSMDE-help.xml
Help Version: 0.29.3
Locale: en-US

PSMDE Module

Description

Microsoft Defender for Endpoint (MDE) PowerShell module

PSMDE Cmdlets

Add-MdeMachineTag

Adds a tag to a specific machine.

Clear-MdeAuthorizationInfo

Clears the authorization information that is used to get a valid MDE token.

Disable-MdeMachineCodeExecutionRestriction

Restrict execution of all applications on the device except a predefined set.

Disable-MdeMachineIsolation

Undo isolation of a device.

Enable-MdeMachineCodeExecutionRestriction

Restrict execution of all applications on the device except a predefined set.

Enable-MdeMachineIsolation

Isolates a device from accessing external network.

Get-MdeAuthorizationInfo

Returns the authorization information that is used to get a valid MDE token.

Get-MdeBaselineComplianceAssessmentByMachine

Returns all security baselines assessments for all devices, on a per-device basis.

Get-MdeBaselineComplianceAssessmentExport

Returns one or more links to all security baselines assessments for all devices, on a per-device basis.

Get-MdeBaselineConfiguration

Retrieves a list of all the possible security baselines assessment configurations and settings for all the available benchmarks.

Get-MdeBaselineProfile

Retrieves a list of all security baselines assessment profiles created by the organization.

Get-MdeConfigurationScore

Retrieves your Microsoft Secure Score for Devices.

Get-MdeExposureScore

Retrieves the organizational exposure score.

Get-MdeExposureScoreByMachineGroups

Retrieves the organizational exposure score.

Get-MdeLibraryFiles

List live response library files.

Get-MdeLiveResponseResult

Retrieves a specific live response command result by its index.

Get-MdeMachine

Gets one or multiple machine objects.

Get-MdeMachineAction

Retrieves a collection of or a specific Machine Action by its ID.

Get-MdeMachineAlerts

Retrieves all Alerts related to a specific device.

Get-MdeMachineByFilter

Gets one or multiple machine objects by OData filter.

Get-MdeMachineByIp

Finds machines seen with the requested internal IP in the time range from 15 minutes before to 15 minutes after a given timestamp.

Get-MdeMachineByTag

Find Machines by Tag.

Get-MdeMachineInvestigationPackage

Collect investigation package from a device.

Get-MdeMachineInvestigationPackageUri

Get a URI that allows downloading of an Investigation package.

Get-MdeMachineLogonUsers

Retrieves a collection of logged on users on a specific device.

Get-MdeMachineMissingKbs

Retrieves missing KBs (security updates) by device ID.

Get-MdeMachineRecommendations

Retrieves a collection of security recommendations related to a given device ID.

Get-MdeMachineSoftware

Retrieves a collection of installed software related to a given device ID.

Get-MdeMachineVulnerabilities

Retrieves a collection of discovered vulnerabilities related to a given device ID.

Get-MdeRecommendation

Retrieves a single security recommendation by its ID or a list of all security recommendations affecting the organization.

Get-MdeRecommendationMachines

Retrieves a list of devices associated with the security recommendation.

Get-MdeRecommendationSoftware

Retrieves a security recommendation related to a specific software.

Get-MdeRecommendationVulnerabilities

Retrieves a list of vulnerabilities associated with the security recommendation.

Get-MdeRemediationTask

Returns information about all or one specified remediation activity.

Get-MdeRemediationTaskMachines

Returns information about exposed devices for the specified remediation task.

Get-MdeRoles

List roles for a given function.

Get-MdeSoftware

Retrieves the organization software inventory.

Get-MdeSoftwareByFilter

Retrieves the organization software inventory by OData filter.

Get-MdeSoftwareDistribution

Retrieves a list of your organization's software version distribution.

Get-MdeSoftwareMachineReferences

Retrieves a list of device references that have this software installed.

Get-MdeSoftwareMissingKbs

Retrieves missing KBs (security updates) by software ID.

Get-MdeSoftwareVulnerability

Retrieve a list of vulnerabilities in the installed software.

Get-MdeUserAlerts

Retrieves a collection of alerts related to a given user ID.

Get-MdeUserMachines

Retrieves a collection of devices related to a given user ID.

Get-MdeVulnerability

Retrieves vulnerability information.

Get-MdeVulnerabilityByMachine

Retrieves a list of all the vulnerabilities affecting the organization per machine and software.

Get-MdeVulnerabilityMachinesByVulnerability

Retrieves a list of devices affected by a vulnerability.

Invoke-MdeMachineAntivirusScan

Initiate Microsoft Defender Antivirus scan on a device.

Invoke-MdeMachineLiveResponse

Runs a sequence of live response commands on a device.

New-MdeServicePrincipal

Creates a service principal (app registration) for Defender for Endpoint.

Remove-MdeMachine

Offboard device from Defender for Endpoint.

Remove-MdeMachineTag

Removes a tag from a specific machine.

Set-MdeAuthorizationInfo

Set the authorization information that is used to get a valid MDE token.

Stop-MdeMachineAction

Cancel an already launched machine action.

Stop-MdeMachineFileExecution

Stop execution of a file on a device and delete it.

Update-MdeMachine

Updates properties of an existing machine.