Endpoint Detection and Response API

This document covers the Endpoint Detection and Response (EDR) application programming interface (Endpoint Detection and Response API).

What can I do with the Endpoint Detection and Response API?

This interface enables integration developers to programmatically leverage the following functionality:

  • Fetch information about incidents.

  • Manage the incident investigation state.

  • Perform a response action on the incident.

  • Perform batch update of the investigation states.

For more details on the Endpoint Detection and Response (EDR) functionality, see the product documentation.

Data format

The API uses HTTP/1.1 protocol and operates mostly with JSON-formatted messages.

Location

The Acronis Endpoint Detection and Response API is available at a specific URL (the base URL): <datacenter_url>/api/mdr/v<version>, where:

  • <datacenter_url> is the URL of the Acronis data center where the client using the API is registered.

  • <version> is the API version number.
    The Endpoint Detection and Response API is currently version 1.