Has anyone managed to construct API queries to pull out Detections/Investigations from Sophos XDR at all?
We want these to be pushed into our ticketing platform as they are generated (or fetch them every 5 mins etc.) but I can't find any part of the API that can be used for this.
Seems like a necessary feature that's not available.
Can anyone shed any light?