Able to add an additional threat intelligence feeds to Microsoft Defender for Endpoint ?

%3CLINGO-SUB%20id%3D%22lingo-sub-2577807%22%20slang%3D%22en-US%22%3EAble%20to%20add%20an%20additional%20threat%20intelligence%20feeds%20to%20Microsoft%20Defender%20for%20Endpoint%20%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2577807%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20any%20way%20to%20add%20additional%20threat%20intelligence%20feeds%20(e.g.%20community%20threat%20intelligence%2C%20autofocus-hosted%20threat%20intelligence)%20to%20Microsoft%20Defender%20for%20Endpoint%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

 

Is there any way to add additional threat intelligence feeds (e.g. community threat intelligence, autofocus-hosted threat intelligence) to Microsoft Defender for Endpoint?

1 Reply

@tay76 I believe, once you integrate with a SIEM solution you could then use additional threat intelligence feed. Azure sentinel can do this Connect your threat intelligence platform to Azure Sentinel | Microsoft Docs and connecting Microsoft services to sentinel is easy. Connect Microsoft Defender for Endpoint data to Azure Sentinel | Microsoft Docs