Below are some examples of what is capable today with our current API set as well as some of the things we are embarking on for integrations with top vendors of software in:
Programmatically manage customers to retrieve specific data around each tenant such as Name, billing types, and GDPR data region or even create a new tenant from within your own management application
Quickly determine health and service status of endpoints across all customers or individual customers
Manage endpoint tamper protection to determine if it is disabled which poses a security risk, then re-enable if so
Perform security related management of Endpoints by executing scans, or update checks across specific endpoints. Even deletion of an endpoint is possible.
Populate data into a dashboard to quickly determine and remediate an outbreak within a customer organization by retrieving all alerts across a customer, or specific machine. Even searching for alerts by type and severity is supported.
Mitigate a threat directly from the alert actions and then acknowledge it to ensure other resources aren’t erroneously investigating.
Note: Sophos Central API access is given at the partner level and will automatically propagate to all flex tenants. Term tenants must be opted into Partner assistance management.
Enabling Partner Assistance >> Navigate to [Your Customer Name] at the top right of Central Admin >> Account Details >> Sophos Support >> Toggle Partner Assistance to the On position.
Note: It is important to determine your partner ID by calling the WHO AM I API in order to execute subsequent calls across tenants.