Start consuming Windows Defender ATP alerts data on IBM QRadar SIEM

Microsoft

Oct 10, 2018

Hi Everyone,

We’re very excited to share that IBM QRadar has released an adapter for Windows Defender Advanced Threat Protection. IBM QRadar now joins the list of security event and incidents management (SIEM) solutions that can consume Windows Defender ATP alerts data, alongside ArcSight and Splunk.

For more information about connecting Windows Defender ATP to IBM QRadar, see: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection#integrate-windows-defender-atp-with-ibm-qradar

Thanks,

Windows Defender ATP Team

Published Oct 10, 2018

Version 1.0

Evald Markinzon

Microsoft

Joined November 06, 2017

View Profile

Microsoft Defender for Endpoint Blog

Microsoft Defender for Endpoint disrupts ransomware with industry-leading endpoint security, providing comprehensive protection across all platforms and devices.

Blog Post

Start consuming Windows Defender ATP alerts data on IBM QRadar SIEM