This post was authored by Pawel Partyka from the Office 365 ATP Customer Experience Engineering team, along with the Microsoft Digital Security and Risk Engineering (DSRE) team.
Special thanks to ...
Updated Jul 20, 2020
Version 3.0
Blog Post
10 MIN READ
Improve the Effectiveness of your SOC with Office 365 ATP and the O365 Management API
This seems like a cool implementation, but we have a slightly different workflow and hoping you might be able to help point us in the right direction or maybe want to work on a new article?
We have develop a commercial security platform known as Sensato Nightingale. Nightingale has an API known as Nightingale Connect. We have a client who is using Office 365 and would like to send security alerts to Nightingale for evaluation. They also have Microsoft Defender 365. We have been trying to play around with the Office 365 Management API, but we can't seem to get the workflow working.
Simply stated, what is desired by the customer is that when a security alert occurs in Office 365, that alert and it's related information calls our API and passes the alert to our API. Do you by chance have any examples for this specific workflow?