Hi Everyone,
We’re very excited to share that IBM QRadar has released an adapter for Windows Defender Advanced Threat Protection. IBM QRadar now joins the list of security event and incidents management (SIEM) solutions that can consume Windows Defender ATP alerts data, alongside ArcSight and Splunk.
For more information about connecting Windows Defender ATP to IBM QRadar, see: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection#integrate-windows-defender-atp-with-ibm-qradar
Thanks,
Windows Defender ATP Team
Published Oct 10, 2018
Version 1.0Evald Markinzon
Microsoft
Joined November 06, 2017
Microsoft Defender for Endpoint Blog
When evaluating various solutions, your peers value hearing from people like you who’ve used the product. Review Defender for Endpoint by filling out a Gartner Peer Insights survey and receive a $25 USD gift card (for customers only). Microsoft Privacy Statement