Forum Discussion
MCAS + Azure ATP and Defender ATP
Hi,
Anyone tried connecting their Azure ATP and Defender ATP to MCAS? I dont see any alerts coming from AATP and DATP in MCAS.
Hi ItsMeMichael
Defender ATP does not route alerts to MCAS.
More details about the integration can be found here:
https://docs.microsoft.com/en-us/cloud-app-security/wdatp-integrationBoris
5 Replies
- Boris_KacevichFormer Employee
Hi ItsMeMichael
Defender ATP does not route alerts to MCAS.
More details about the integration can be found here:
https://docs.microsoft.com/en-us/cloud-app-security/wdatp-integrationBoris
- ItsMeMichaelCopper Contributor
Boris_Kacevich i see.. thank you so much.
- SamiLamppuBrass Contributor
ItsMeMichael About Azure ATP, you should receive alerts from Azure ATP after integration is enabled. The documentation states that it may take 12 hours until the integration takes effect.
After enabling Azure ATP integration, you'll be able to see on-premises activities for all the users in your organization. You will also get advanced insights on your users that combine alerts and suspicious activities across your cloud and on-premises environments. Additionally, policies from Azure ATP will appear on the Cloud App Security policies page.
https://docs.microsoft.com/en-us/cloud-app-security/aatp-integration
Has the situation changed, do you see the Azure ATP activities in the Activity Log?
Hi, Microsoft will always tell you that it can take a bit of time for alerts in MCAS to show up when you configure new settings like this. How recently did you configure this?