Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Microsoft Sentinel: Public preview of Microsoft Defender for Cloud to Defender XDR integration
Published Nov 27 2023 01:21 PM 8,235 Views
Microsoft

At Ignite 2023 we announced the Public Preview of Microsoft Defender for Cloud integration into Microsoft Defender XDR. As a Microsoft Sentinel customer, you can benefit from this powerful integration in your own workspaces using the Defender XDR Incidents and Alerts connector simplifying attack detection by streaming merged detections from various sources. Security teams can now have visibility across all their cloud resources, devices and identities. 

 

To take advantage of this integration and synchronize their entire collection of subscriptions with their tenant-based Defender for Cloud incidents we recommend customers to: 

  • Install or update the Microsoft Defender for Cloud connector to version 3.0 from Content Hub and connect the Tenant-based Microsoft Defender for Cloud (Preview) connector to synchronize the entire collection of subscriptions with the incidents. 
  • Disconnect the legacy subscription-based Microsoft Defender for Cloud connector to prevent incident duplications. 
  • If you have previously enabled Analytics rules (scheduled or MS creation rules) to create incidents, you are encouraged to disable them. 
  • If the incidents connector already is enabled and you do not want to consume alerts from the entire collection and wish to continue with the subscription-based connector, you can opt-out of the integration from the Defender XDR portal. 
  • If the incidents connector is not enabled, you can still bring your tenant-based Microsoft Defender for Cloud alerts from your entire collection of subscriptions. 

 

Further information can be found in the Microsoft Sentinel What's New page

 

Additional Resources: 

Microsoft is committed to empowering our customers with modern security tools and platforms to enable critical protection for their organization and users. See additional resources below and learn more about exciting announcements at Ignite.   

 

 

7 Comments
Co-Authors
Version history
Last update:
‎Nov 29 2023 12:01 PM
Updated by: