SIEM connector now available for Office 365 Advanced Security Management

Published Jun 05 2017 11:15 AM 11.9K Views

A year ago we announced a way for you to get greater visibility and control over Office 365 with Advanced Security Management (ASM).  Since then we have added new features to help you better determine shadow IT activity, and we’ve enhanced control over 3rd party apps connected to Office 365.  We have also heard a lot of feedback on what else you want in ASM and today we are excited to announce that the ability to have centralized monitoring of ASM alerts with your SIEM is now available. Integrating with a SIEM service allows you to better protect Office 365 while maintaining your organization’s security workflow, automating security procedures and correlating between your cloud-based and on-premises events.  To learn how to setup the ASM SIEM connector please reference the documentation here.

 

siem.png

3 Comments
%3CLINGO-SUB%20id%3D%22lingo-sub-74947%22%20slang%3D%22en-US%22%3ESIEM%20connector%20now%20available%20for%20Office%20365%20Advanced%20Security%20Management%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-74947%22%20slang%3D%22en-US%22%3E%3CP%3EA%20year%20ago%20we%20%3CA%20href%3D%22https%3A%2F%2Fblogs.office.com%2F2016%2F06%2F01%2Fgain-enhanced-visibility-and-control-with-office-365-advanced-security-management%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Eannounced%3C%2FA%3E%20a%20way%20for%20you%20to%20get%20greater%20visibility%20and%20control%20over%20Office%20365%20with%20Advanced%20Security%20Management%20(ASM).%26nbsp%3B%20Since%20then%20we%20have%20added%20new%20features%20to%20help%20you%20better%20%3CA%20href%3D%22https%3A%2F%2Fblogs.office.com%2F2016%2F09%2F26%2Fapplying-intelligence-to-security-and-compliance-in-office-365%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Edetermine%20shadow%20IT%20activity%3C%2FA%3E%2C%20and%20we%E2%80%99ve%20%3CA%20href%3D%22https%3A%2F%2Fblogs.office.com%2F2016%2F10%2F31%2Fenhanced-control-over-third-party-apps-now-available-in-office-365%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Eenhanced%20control%20over%203rd%20party%20apps%3C%2FA%3E%20connected%20to%20Office%20365.%26nbsp%3B%20We%20have%20also%20heard%20a%20lot%20of%20feedback%20on%20what%20else%20you%20want%20in%20ASM%20and%20today%20we%20are%20excited%20to%20announce%20that%20the%20ability%20to%20have%20centralized%20monitoring%20of%20ASM%20alerts%20with%20your%20SIEM%20is%20now%20available.%20Integrating%20with%20a%20SIEM%20service%20allows%20you%20to%20better%20protect%20Office%20365%20while%20maintaining%20your%20organization%E2%80%99s%20security%20workflow%2C%20automating%20security%20procedures%20and%20correlating%20between%20your%20cloud-based%20and%20on-premises%20events.%26nbsp%3B%20To%20learn%20how%20to%20setup%20the%20ASM%20SIEM%20connector%20please%20reference%20the%20documentation%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Farticle%2Fdd6d2417-49c4-4de6-9294-67fdabbf8532%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ehere%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F15337i1203950FEAB377D2%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22siem.png%22%20title%3D%22siem.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-74947%22%20slang%3D%22en-US%22%3E%3CP%3EA%20year%20ago%20we%20announced%20a%20way%20for%20you%20to%20get%20greater%20visibility%20and%20control%20over%20Office%20365%20with%20Advanced%20Security%20Management%20(ASM).%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-74947%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdvanced%20Security%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-220286%22%20slang%3D%22en-US%22%3ERe%3A%20SIEM%20connector%20now%20available%20for%20Office%20365%20Advanced%20Security%20Management%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-220286%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3CBR%20%2F%3Ei%20would%20like%20to%20know%20if%20by%20integrating%20O365%20to%20siem%26nbsp%3B%20solution%2C%20there%20is%20a%20way%20to%20choose%20which%20logs%20to%20be%20pushed%20to%20siem%20(%20means%20not%20pushing%20all%26nbsp%3B%20logs).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnother%20question%2C%26nbsp%3B%20for%20email%20investigation%20recipient%20and%20sender%20email%20address%26nbsp%3B%20and%26nbsp%3B%20email%20title%20would%20be%20in%20the%26nbsp%3B%26nbsp%3B%20logs%2C%26nbsp%3B%20is%20there%20any%20way%20to%20%3CSTRONG%3Eexclude%20few%20emails%3C%2FSTRONG%3E%20in%20company%20form%20being%20in%20the%20log%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-75144%22%20slang%3D%22en-US%22%3ERe%3A%20SIEM%20connector%20now%20available%20for%20Office%20365%20Advanced%20Security%20Management%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-75144%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Vasil%2C%3C%2FP%3E%0A%3CP%3EThe%20items%20on%20the%20ASM%20roadmap%20are%20posted%20on%20the%20public%20roadmap%20at%20%3CA%20href%3D%22http%3A%2F%2Froadmap.office.com%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ehttp%3A%2F%2Froadmap.office.com%3C%2FA%3E.%20For%20the%20change%20log%2C%20I%20will%20talk%20with%20the%20enginerring%20team%20to%20see%20if%20something%20similar%20can%20be%20created%20for%20ASM.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-75136%22%20slang%3D%22en-US%22%3ERe%3A%20SIEM%20connector%20now%20available%20for%20Office%20365%20Advanced%20Security%20Management%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-75136%22%20slang%3D%22en-US%22%3E%3CP%3EAh%20well%2C%20just%20wrapped%20up%20a%20post%20saying%20the%20SIEM%20connector%20is%20coming%20soon%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20you%20share%20some%20more%20on%20the%20ASM%20roadmap%20and%20maybe%20provide%20us%20with%20a%20separate%20changelog%3F%20Every%20time%20I%20check%20the%20CAS%20changelog%20I%20get%20more%20and%20more%20by%20the%20number%20of%20features%20that%20havent%20made%20it%20to%20ASM.%20Files%20actions%20for%20example%2C%20intergration%20with%20AIP%2FRMS%2C%20heck%20even%20Team%20events%20are%20not%20being%20processed%20yet...%3C%2FP%3E%3C%2FLINGO-BODY%3E
Version history
Last update:
‎May 11 2021 01:53 PM
Updated by: