Security operations integration

Prashant64
Tera Contributor

‎09-17-2025 12:54 AM

Do we have an integration facility with MSFT Defender Attack Surface Manager? If yes, kindly share any documentation w.r.t integration procedures

0 Helpfuls
  • 1,534 Views
10 REPLIES 10

Ondrej Bernat
Tera Expert

3 weeks ago

Hi Prashant,

we have used Asset Security Posture Management product from ServiceNow to identify MS Defender coverage gaps on client assets.
https://store.servicenow.com/store/app/f11aa3e21b246a50a85b16db234bcb66

There is an OOTB integration with MS Defender by using Service Graph Connector.
https://store.servicenow.com/store/app/ab8ea7aa1b646a50a85b16db234bcbf2

Then we created the policies in Asset Security Posture Management to create findings for not covered devices (Defender not installed or old version of agent installed or device not reported by Defender for some days).
Findings are then processed in a similar way to VITs, but instead of Vulnerability Response, there is the Configuration Compliance module to handle them (grouping to Remediation tasks, assignment, remediation targets and so on, basically the same possibilities like in VR).

If my response helped you, please mark it as Helpful & Accept the solution.

Best regards,
Ondrej Bernat

0 Helpfuls