Defender - Baseline Query
- 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Defender - Baseline Query
- Updated on 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
Defender - Baseline Query
Description
Defender - Baseline Query is a playbook that allows users to quickly and easily query their system for any baseline changes that have occurred. This playbook is designed to help users identify any changes that have been made to their system, such as new applications installed, changes to user accounts, or new security settings. The playbook runs a query against the system and provides a detailed report of all changes that have been made. The report can then be used to review and take corrective action if necessary. Additionally, the playbook can be configured to run on a regular basis to ensure that the system is kept up to date and secure. With Defender - Baseline Query, users can rest assured that their system is secure and up to date.
Trigger Request
HTTP Post Request
Headers:
| Key | Value |
|---|---|
| Content-Type | application/json |
Supported CDC Versions
- 2.8
Was this article helpful?