Able to add an additional threat intelligence feeds to Microsoft Defender for Endpoint ?

Copper Contributor



Is there any way to add additional threat intelligence feeds (e.g. community threat intelligence, autofocus-hosted threat intelligence) to Microsoft Defender for Endpoint?

1 Reply

@tay76 I believe, once you integrate with a SIEM solution you could then use additional threat intelligence feed. Azure sentinel can do this Connect your threat intelligence platform to Azure Sentinel | Microsoft Docs and connecting Microsoft services to sentinel is easy. Connect Microsoft Defender for Endpoint data to Azure Sentinel | Microsoft Docs