Microsoft announced the general availability of the Windows Defender Advanced Threat Protection (ATP) programmatic application programming interface (API) The Windows Defender ATP APIs are “a rich and complete set of APIs geared to fulfill the needs of security operations teams
Source: and orchestration of actions”” in enterprise environments. The APIs can be accessed in Application Context or User Context