Azure Blob Storage to Defender for Endpoint?

Brass Contributor

Just staring with Azure, and for various reasons, I'm looking for a way to host a csv file of 'indicators of compromise' on Azure blob storage and read them from 'Defender for Endpoint.  

 

Like this ----

 

let C2Threats = materialize (
    (externaldata(report:string)
    with (format = "txt"))

 

Is there a way to do this safely without an access key?  Locking it down by IP Address or URL? 

 

Is "Anonymous public read access for containers and blobs."  a possibility?  Is it possible to lock that down by url or IP address so only Defender and hosts on our network can grab it? 

 

Thank you! 

 

 

 

 

0 Replies