Note: There may be known issues pertaining to this solution, please refer to them before installing.

CyberArk supports third-party SIEM applications integrated with Audit service, that provides audit trails for activities, events, and sessions that are performed by any integrated service on the Identity Security Platform Shared Services. SOC analysts initiate threat investigations through Microsoft Sentinel, which integrates seamlessly with CyberArk Audit. By leveraging the rich audit trail data from CyberArk Audit, the solution ensures a comprehensive view of system and user activities. Automated workflows within Microsoft Sentinel enable real-time response to identified threats, enhancing the overall efficiency and effectiveness of incident response processes.

Data Connectors: 1

Audit Service to Microsoft Sentinel User Guide

Learn more about Microsoft Sentinel | Learn more about CyberArk Audit Service