Menlo and Archer integration with Microsoft Sentinel


We have two scenarios:

1- We want to integrate the Menlo Security tool with Microsoft Sentinel, and it looks like there isn't any built-in connector or, as a matter of fact, any material out there.

2- We also want to integrate Sentinel with Archer (so Sentinel can send incident/alert data to Archer), a risk management tool with ticketing capability.

 

Could you guys please advise how this can be achieved? I know a custom connector build would be the answer, but has anyone achieved this already? Any tips or suggestions?

2 Replies
2. I'd assume Archer has an API; you could use the HTTP control in a Logic App (Playbook) to talk to the API, and follow the process used for other ticketing systems - one example: https://github.com/Azure/Azure-Sentinel/tree/51b0fe8ba764c74e2fa6ec136166443204c8b51c/Solutions/Atla...

I've assumed Archer doesn't have a Logic App item, but haven't checked.

Thanks Clive for the reply. Would this be a cost-effective way, as I have read in Microsoft material that "Logic App wouldn't be cost effective if there is large volume of data involved"?