Are there any plans on the roadmap to expose (possibly read-only) data about individual protection policies for each tenant?
Things like scheduled scan date, per-policy exclusions, computer/group scoping, etc.
Hello Trevor and Skylar, I can shed some light on our plans for policy based APIs. If I were to classify the requests here, it looks like we have two requests.
I'm sorry but I am not sure what you are requesting here. Are you asking for an API path where you give a TenantID and get back all the policies that have been created in that tenant with a list of machines it is assigned to?
Right now, you can pull out the policy information on a per machine basis with the paths in the Endpoint API. Is that the information you are looking for?
Snr. New Product Introduction Engineer | CISSP | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
Bumping this since its been almost two weeks since I responded.
I have brought this to the attention of the Product Manager
Thank you. Would it also make sense for me to file this as a feature request at the link SkylarMelo gave?
yes, that is the official channel.
At current, we do not have plans for reporting API, however recognize this functionality is important to our customer base and are actively discussing what a full suite of reporting APIs and functionality would look like, and where it would fall on our backlog.
Now, for some good new! We are currently in active development on a full set of policy management APIs at the tenant level, which are currently due to release early in the first quarter of the 2021 calendar year. This will include functionality for policy retrieval and management across:
Initial release will cover the ability to:
Thank you for the update and info, I can't wait to see the new endpoints when they become available.
Hi Trevor, just to be clear, these aren't enhancements to the Endpoint APIs, they are policy API's at the tenant level, that will cover retrieval and update of endpoint policy functions.
Yeah, I would expect they'd land in the Common or Tenant API?
I have been tracking the new Central API docs pretty closely as I've been working on a C# library for building some reporting and "quality of life" tools. Simple stuff like quickly pulling endpoint Tamper Protection codes, ad-hoc start a scan, etc. As well as hopefully finishing up a SIEM exporter based on the new Alert endpoint(s) in the Common API.
This is great information, we always love to hear what our partners and customers are building with our APIs. If you're interested in an extended conversation around what's coming and for us to also get some feedback from you, please feel free to ping me via direct message and we can set up a chat in the new year.