https://store-images.s-microsoft.com/image/apps.43525.2a15730b-6967-401e-b596-2348606a6286.f5896555-0414-4a04-8b3d-b800d6d2f0ff.88d64dbc-f5ce-4ebe-a93a-fa75798237f6
Infoblox Cloud for Microsoft Sentinel
Infoblox Inc.
Infoblox Cloud for Microsoft Sentinel
Infoblox Inc.
Infoblox Cloud for Microsoft Sentinel
Infoblox Inc.
Connect Infoblox Cloud to Microsoft Sentinel.
Infoblox: Simplify and automate networking and security across a diverse multi-cloud infrastructure.
Instantly ingest your DNS data into Microsoft Sentinel to be richly parsed, searched, visualized and monitored. Import TIDE threat indicators directly into your Microsoft Sentinel Threat Intelligence to to detect malicious activity observed in your environment and provide context for your security teams to make well-informed response decisions. Automatically enrich Microsoft Sentinel Incidents with TIDE context and send that data in an email.
Via the Infoblox CDC, you can send your DNS query/response, DHCP and security logs from the BloxOne platform to be enriched with the out-of-box content that comes with this solution.
The Infoblox Cloud Data Connector (CDC) is a device designed to be deployed anywhere to collect DNS query and response data, DHCP events, and security logs from your choice of Infoblox products (including DDI, TD and NIOS). It also gives you the ability to easily filter the data before sending it to your chosen locations (such as a SIEM like Microsoft Sentinel) so that you don’t waste resources filling your SIEM platform with junk. This saves your organization steep costs of data retention and time needed to find ways to transfer the data out and into your own data pools.
The CDC is a feature of BloxOne Threat Defense, and as such, requires an appropriate Threat Defense licensing and deployment. This solution does NOT deploy a CDC.
NEW!! Using Infoblox TIDE + Dossier, you can import threat indicators as Threat Intelligence, automatically enrich incidents and send emails with valuable TIDE context.
Infoblox Dossier™ and TIDE uses highly accurate machine-readable threat intelligence data via a flexible Threat Intelligence Data Exchange (TIDE) to aggregate, curate, and enable distribution of data across a broad range of infrastructures. TIDE enables organizations to ease consumption of threat intelligence from various internal and external sources, and to effectively defend against and quickly respond to cyberthreats. TIDE is backed by the Infoblox threat intelligence team that normalizes and refines high-quality threat intelligence data feeds.
Infoblox TIDE is a feature of BloxOne Threat Defense, and as such, requires appropriate Threat Defense licensing and an API key. See more information about importing TIDE threat intelligence into Microsoft Sentinel here.
Data Connectors: 2, Parsers: 1, Workbooks: 1, Analytic Rules: 8, Playbooks: 11
Microsoft Sentinel solutions provide a consolidated way to acquire Microsoft Sentinel content like data connectors, workbooks, analytics, and automations in your workspace with a single deployment step.
Please refer to the following before installing the solution:
- Review the solution Release Notes.
- Review the TIDE Threat Intelligence playbooks and their installation here.
- There may be known issues pertaining to this solution.
https://store-images.s-microsoft.com/image/apps.27543.2a15730b-6967-401e-b596-2348606a6286.57faefe6-8cfa-4c2d-aebc-3fc4dad52a00.d4d41c6a-57c7-478e-9aac-01e610518f9f
https://store-images.s-microsoft.com/image/apps.27543.2a15730b-6967-401e-b596-2348606a6286.57faefe6-8cfa-4c2d-aebc-3fc4dad52a00.d4d41c6a-57c7-478e-9aac-01e610518f9f
https://store-images.s-microsoft.com/image/apps.32899.2a15730b-6967-401e-b596-2348606a6286.322e5143-570b-4360-aeed-4cf1ac370c20.cffef49b-16a9-465c-b0fc-9dd958e78275
https://store-images.s-microsoft.com/image/apps.2246.2a15730b-6967-401e-b596-2348606a6286.322e5143-570b-4360-aeed-4cf1ac370c20.413aad17-14ec-492a-b05f-dba87638310a
https://store-images.s-microsoft.com/image/apps.54614.2a15730b-6967-401e-b596-2348606a6286.af92c56c-2b25-4d08-b519-5b502d4f1e56.147c9dc3-eda8-466c-aef5-fd1a0074fb22
https://store-images.s-microsoft.com/image/apps.30723.2a15730b-6967-401e-b596-2348606a6286.af92c56c-2b25-4d08-b519-5b502d4f1e56.8c482205-4c2b-4cb3-ad9d-d6361dfd0635
https://store-images.s-microsoft.com/image/apps.3617.2a15730b-6967-401e-b596-2348606a6286.af92c56c-2b25-4d08-b519-5b502d4f1e56.a530ae86-0a6c-46cb-8dfc-6ad9dbcf62f0