Microsoft Defender for Office 365 (Preview) connector for Microsoft Sentinel
Microsoft Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. By ingesting Microsoft Defender for Office 365 alerts into Microsoft Sentinel, you can incorporate information about email- and URL-based threats into your broader risk analysis and build response scenarios accordingly.
The following types of alerts will be imported:
- A potentially malicious URL click was detected
- Email messages containing malware removed after delivery
- Email messages containing phish URLs removed after delivery
- Email reported by user as malware or phish
- Suspicious email sending patterns detected
- User restricted from sending email
These alerts can be seen by Office customers in the ** Office Security and Compliance Center**.
For more information, see the Microsoft Sentinel documentation.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | SecurityAlert (OATP) |
Data collection rules support | Not currently supported |
Supported by | Microsoft Corporation |
Next steps
For more information, go to the related solution in the Azure Marketplace.