Microsoft Defender for Endpoint connector for Microsoft Sentinel

Microsoft Defender for Endpoint is a security platform designed to prevent, detect, investigate, and respond to advanced threats. The platform creates alerts when suspicious security events are seen in an organization. Ingest the alerts generated in Microsoft Defender for Endpoint into Microsoft Sentinel so that you can analyze security events effectively. You can create rules, build dashboards, and author playbooks for immediate response. For more information, see the Microsoft Sentinel documentation.

Connector attributes

Connector attribute | Description
Log Analytics table(s) | SecurityAlert (MDATP)
Data collection rules support | Not currently supported
Supported by | Microsoft Corporation

Next steps

For more information, go to the related solution in the Azure Marketplace.