With automation being a priority for a growing number of security teams, I think that there would be value in increasing the footprint of commands available via the REST API for SEPM. For example, a great use case would be retrieving the last logged in user onto the computer where SEPM is installed. This would be valuable in ensuring that we communicate our security policies to the correct person when SEPM catches malicious activity on their computer.
Thanks,
Jeremiah