PSMDE - Visorian/PSMDE Wiki


Module Name: PSMDE Module Guid: 5fef5bda-5b7b-4eff-a0aa-5e5cd85dc452 Download Help Link: https://psmdehelpfiles.blob.core.windows.net/help/PSMDE-help.xml Help Version: 0.10.4 Locale: en-US

PSMDE Module

Description

Microsoft Defender for Endpoint (MDE) PowerShell module

PSMDE Cmdlets

Add-MdeMachineTag

Adds tag to a specific Machine.

Clear-MdeAuthorizationInfo

Clears the authorization information that is used to get a valid MDE token.

Get-MdeAuthorizationInfo

Returns the authorization information that is used to get a valid MDE token.

Get-MdeMachine

Gets one or multiple machine objects

Get-MdeMachineAlerts

Retrieves all Alerts related to a specific device.

Get-MdeMachineByFilter

Gets one or multiple machine objects by OData filter

Get-MdeMachineByIp

Find Machines seen with the requested internal IP in the time range of 15 minutes prior and after a given timestamp.

Get-MdeMachineByTag

Find Machines by Tag.

Get-MdeMachineLogonUsers

Retrieves a collection of logged on users on a specific device.

Get-MdeMachineMissingKbs

Retrieves missing KBs (security updates) by device ID

Get-MdeMachineRecommendations

Retrieves a collection of security recommendations related to a given device ID.

Get-MdeMachineSoftware

Retrieves a collection of installed software related to a given device ID.

Get-MdeMachineVulnerabilities

Retrieves a collection of discovered vulnerabilities related to a given device ID.

Get-MdeRoles

List roles for a given function.

Get-MdeSoftware

Retrieves the organization software inventory.

Get-MdeSoftwareByFilter

Retrieves the organization software inventory by OData filter.

Get-MdeSoftwareDistribution

Retrieves a list of your organization's software version distribution.

Get-MdeSoftwareMachineReferences

Retrieve a list of device references that has this software installed.

Get-MdeSoftwareMissingKbs

Retrieves missing KBs (security updates) by software ID.

Get-MdeSoftwareVulnerability

Retrieve a list of vulnerabilities in the installed software.

Get-MdeUserAlerts

Retrieves a collection of alerts related to a given user ID.

Get-MdeUserMachines

Retrieves a collection of devices related to a given user ID.

Get-MdeVulnerability

Retrieves vulnerability information.

Get-MdeVulnerabilityByMachine

Retrieves a list of all the vulnerabilities affecting the organization per machine and software.

Get-MdeVulnerabilityMachinesByVulnerability

Retrieves a list of devices affected by a vulnerability.

New-MdeServicePrincipal

Creates a service principal (app registration) for Defender for Endpoint.

Remove-MdeMachineTag

Removes tag to a specific Machine.

Set-MdeAuthorizationInfo

Set the authorization information that is used to get a valid MDE token.

Update-MdeMachine

Updates properties of existing Machine.