Integrating on premises SIEM with microsoft casb

Copper Contributor

I am looking for the solution integrating on premises SIEM with existing  micsroft CaSB and viewing the incident and event of on premises devices on CASB. Is this possible ?

4 Replies

Thanks Dean for your reply much appreciated I have gone through the document,but I was looking other way around ingesting that logs from SIEM to cloud app portal SIEM is Fortisiem which will help us to see alerts and incidents on Microsoft defender

I don't think it is possible to ingest your SIEM into M365 Defender, however, you can ingest it into Sentinel. https://docs.microsoft.com/en-us/azure/sentinel/connect-common-event-format#supported-architectures
Thanks Joe, we were looking for a solution to make use of our existing siem with microsoft defender