Similar to Max Kaplan re: Rewst. Would love expanded API endpoints (especially 365 MDR) and the ability to POST updates to incidents and escalations, and creation of unwanted access rules, with the API.

Use cases:

* We'd like to build a travel notification flow that proactively makes any needed changes to Conditional Access policies along with setting the unwanted access rule in Huntress automatically.

* Housekeeping: "No usage location" 365 alerts could be automatically resolved. Password usage detection alerts we notify clients but currently have to go in and close out all those incidents by hand.

* Enable SEIM per-client based on ConnectWise PSA agreement products