Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

MCAS and Demisto (SOAR) integration

Copper Contributor

Hi Guys,

I need to integrate MCAS with Demisto (SOAR). We have Splunk as SIEM tool in our environment. 

 

Should I integrate MCAS with Splunk first and then to Demisto (so that all logs first go to SIEM and then to Demisto) or directly integrate MCAS with Demisto?

 

Need assistance to know what should be best approach and what will be the advantages over the other. 

0 Replies