We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

Microsoft defender for endpoint integration without the SIR

sylvainbarr
Tera Contributor
 
1 ACCEPTED SOLUTION

Hi @sylvainbarr 

To the best of my knowledge, there isn’t a native integration available for MDE (Microsoft Defender for Endpoint).

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG

****************************************************************************************************************

View solution in original post

4 REPLIES 4

Dr Atul G- LNG
Tera Patron

Sorry, could you please clarify your exact requirement? Are you trying to integrate Microsoft Defender with ServiceNow?"

 

https://www.servicenow.com/docs/bundle/zurich-security-management/page/product/secops-integration-si...

As far as I know, ServiceNow does not recommend proceeding without using SIR."

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG

****************************************************************************************************************

Thanks for the quick reply, I did add details, I was to quick on the post button. I am aware that it's not recommended, my client does not have the budget to go with SIR yet. currently we are using an e-mail/inbound action to generate incident, and we want to move away from that approach.

sylvainbarr
Tera Contributor

Sorry for the lack of details; 

So I have to integrate Microsoft Defender for Endpoint (MDE)t with ServiceNow without the SIR (SecOps). This integration will be used to generate incidents based on specific triggers on the MDE side. I know Microsoft Defender for cloud apps has an integration plug in that can be used as a point to point or in conjonction with Logic apps integration engine. My question, is there a similar available integration option for MDE natively?

Hi @sylvainbarr 

To the best of my knowledge, there isn’t a native integration available for MDE (Microsoft Defender for Endpoint).

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG

****************************************************************************************************************