Microsoft 365 Defender

Azure Sentinel, Microsoft Corporation

Note: There may be known issues pertaining to this Solution; please refer to them before installing.

The Microsoft 365 Defender solution for Microsoft Sentinel enables you to ingest Security Alerts/Incidents and raw logs from the products within the Microsoft 365 Defender suite into Microsoft Sentinel.

Additional Hunting Queries to support proactive and reactive hunting for the Microsoft 365 Defender solution can be found on GitHub. This repository has a collection of queries developed by Microsoft Security Research and Microsoft Sentinel community contributions.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, some of which may be in Preview state or might result in additional ingestion or operational costs:

a. Azure Monitor HTTP Data Collector API

Data Connectors: 1, Analytic Rules: 8
