Jul 22 2021 07:04 PM
Hi,
Is there any way to add additional threat intelligence feeds (e.g. community threat intelligence, autofocus-hosted threat intelligence) to Microsoft Defender for Endpoint?
Aug 06 2021 09:51 AM
@tay76 I believe, once you integrate with a SIEM solution you could then use additional threat intelligence feed. Azure sentinel can do this Connect your threat intelligence platform to Azure Sentinel | Microsoft Docs and connecting Microsoft services to sentinel is easy. Connect Microsoft Defender for Endpoint data to Azure Sentinel | Microsoft Docs