https://store-images.s-microsoft.com/image/apps.7420.2e919218-7e17-4f16-ba1f-e4aca2c0ffdf.4c9d84b1-ab70-470d-ab12-9ae806fe0afa.10168364-052b-46f8-bee3-54c3847f279d

CyberArk EPM/Sentinel Integration

CyberArk

CyberArk EPM/Sentinel Integration

CyberArk

Extract security events from CyberArk Endpoint Privilege Manager (EPM) into Microsoft Sentinel

Important: This Microsoft Sentinel Solution is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

CyberArk Endpoint Privilege Manager (EPM) helps to remove the barriers to enforcing least privilege and allows organizations to block and contain attacks at the endpoint, reducing the risk of information being stolen or encrypted and held for ransom.

The Microsoft Sentinel solution for CyberArk EPM allows a security administrator to pull Application Events and Policy Audit from EPM management console using the cloud APIs, into Sentinel for analysis and as part of customers threat modeling procedures.

Data Connectors: 1, Parsers: 1

Learn more about Microsoft Sentinel | Learn more about Solutions

Learn more about CyberArk Endpoint Privilege Manager (EPM)