Forum Discussion
Unified SecOps XDR
I have exactly the same question. We are an MSSP and have multiple customers with Sentinel, which we access via delegated access (Lighthouse). The customers own their own Azure tenants, so this means we don't actually need accounts in their tenant; they just run the Lighthouse template. How will we access customers' Defender portals with our own identities? Will the customer have to invite us as external users and then have the overhead of handling JML for our users?
If you don't mind, can I answer it? You can access Defender portals via Lighthouse delegations, but it requires explicitly delegating Defender-related roles in the Lighthouse template. Customers don't need to invite your users as "external" guests (via Azure AD B2B), and you can minimize JIT if you use Azure AD Privileged Identity Management (PIM). However, out-of-the-box Lighthouse focuses on Azure resource management; Defender is an add-on, so you'll need to expand the delegation. If it helps, let me know.
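As an added illustration of the delegation the reply above describes (this is example configuration written for this page, not a template posted by either participant or shipped by Microsoft), the following Azure Lighthouse subscription-level ARM template grants the MSP tenant two things on the customer subscription: a standing Security Reader authorization for an MSP analyst group, and a PIM-style eligible authorization for Microsoft Sentinel Contributor that an MSP responder group must activate just-in-time with MFA. The tenant ID and the two principal (group object) IDs are placeholders to be replaced with the MSP's own values; the two role definition IDs are the built-in Azure role IDs for Security Reader and Microsoft Sentinel Contributor and should be confirmed against the Azure built-in roles reference before deployment.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "mspOfferName": {
      "type": "string",
      "defaultValue": "Example MSSP - Sentinel and Defender for Cloud monitoring"
    },
    "mspOfferDescription": {
      "type": "string",
      "defaultValue": "Delegated SOC access: read security posture, respond in Sentinel via JIT activation"
    },
    "managedByTenantId": {
      "type": "string",
      "defaultValue": "00000000-0000-0000-0000-00000000aaaa",
      "metadata": { "description": "PLACEHOLDER: the MSP's own Entra tenant ID" }
    }
  },
  "variables": {
    "mspRegistrationName": "[guid(parameters('mspOfferName'))]",
    "mspAssignmentName": "[guid(parameters('mspOfferName'))]",
    "securityReaderRoleId": "39bc4728-0917-49c7-9d2c-d95423bc2eb4",
    "sentinelContributorRoleId": "ab8e14d6-4a74-4a29-9ba8-549422addade",
    "mspAnalystsGroupId": "00000000-0000-0000-0000-00000000bbbb",
    "mspRespondersGroupId": "00000000-0000-0000-0000-00000000cccc",
    "mspApproversGroupId": "00000000-0000-0000-0000-00000000dddd"
  },
  "resources": [
    {
      "type": "Microsoft.ManagedServices/registrationDefinitions",
      "apiVersion": "2022-10-01",
      "name": "[variables('mspRegistrationName')]",
      "properties": {
        "registrationDefinitionName": "[parameters('mspOfferName')]",
        "description": "[parameters('mspOfferDescription')]",
        "managedByTenantId": "[parameters('managedByTenantId')]",
        "authorizations": [
          {
            "principalId": "[variables('mspAnalystsGroupId')]",
            "principalIdDisplayName": "MSSP SOC analysts (placeholder group)",
            "roleDefinitionId": "[variables('securityReaderRoleId')]"
          }
        ],
        "eligibleAuthorizations": [
          {
            "principalId": "[variables('mspRespondersGroupId')]",
            "principalIdDisplayName": "MSSP incident responders (placeholder group)",
            "roleDefinitionId": "[variables('sentinelContributorRoleId')]",
            "justInTimeAccessPolicy": {
              "multiFactorAuthProvider": "Azure",
              "maximumActivationDuration": "PT8H",
              "managedByTenantApprovers": [
                {
                  "principalId": "[variables('mspApproversGroupId')]",
                  "principalIdDisplayName": "MSSP shift leads (placeholder group)"
                }
              ]
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.ManagedServices/registrationAssignments",
      "apiVersion": "2022-10-01",
      "name": "[variables('mspAssignmentName')]",
      "dependsOn": [
        "[resourceId('Microsoft.ManagedServices/registrationDefinitions/', variables('mspRegistrationName'))]"
      ],
      "properties": {
        "registrationDefinitionId": "[resourceId('Microsoft.ManagedServices/registrationDefinitions/', variables('mspRegistrationName'))]"
      }
    }
  ]
}
```

Because the principals are groups in the MSP tenant, joiner/mover/leaver handling stays inside the MSP's own directory: adding or removing an engineer from the group changes their delegated access without the customer doing anything. The eligible authorization is what keeps the responder role from being standing: it is only usable for the activation window after the engineer activates it in the Lighthouse "My customers" view and passes MFA. Note that what this template delegates is Azure RBAC over the customer's Azure resources (Log Analytics workspaces running Sentinel, Defender for Cloud data on the subscription), so it is the right tool for the Azure-resource side of the Defender estate; anything that is scoped to the customer's Entra tenant rather than to Azure resources is outside what a registration definition can grant.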