Microsoft defender for endpoint integration without the SIR

sylvainbarr
Tera Contributor

4 hours ago

 
0 Helpfuls
  • 75 Views
4 REPLIES 4

Dr Atul G- LNG
Tera Patron
Tera Patron

4 hours ago

Sorry, could you please clarify your exact requirement? Are you trying to integrate Microsoft Defender with ServiceNow?"

 

https://www.servicenow.com/docs/bundle/zurich-security-management/page/product/secops-integration-si...

As far as I know, ServiceNow does not recommend proceeding without using SIR."

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls

sylvainbarr
Tera Contributor
In response to Dr Atul G- LNG

4 hours ago

Thanks for the quick reply, I did add details, I was to quick on the post button. I am aware that it's not recommended, my client does not have the budget to go with SIR yet. currently we are using an e-mail/inbound action to generate incident, and we want to move away from that approach.

0 Helpfuls

sylvainbarr
Tera Contributor

4 hours ago

Sorry for the lack of details; 

So I have to integrate Microsoft Defender for Endpoint (MDE)t with ServiceNow without the SIR (SecOps). This integration will be used to generate incidents based on specific triggers on the MDE side. I know Microsoft Defender for cloud apps has an integration plug in that can be used as a point to point or in conjonction with Logic apps integration engine. My question, is there a similar available integration option for MDE natively?

0 Helpfuls

Dr Atul G- LNG
Tera Patron
Tera Patron
In response to sylvainbarr

4 hours ago

Hi @sylvainbarr 

To the best of my knowledge, there isn’t a native integration available for MDE (Microsoft Defender for Endpoint).

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************