Threat Intelligence Platforms connector for Microsoft Sentinel

Microsoft Sentinel integrates with Microsoft Graph Security API data sources to enable monitoring, alerting, and hunting using your threat intelligence. Use this connector to send threat indicators to Microsoft Sentinel from your Threat Intelligence Platform (TIP), such as Threat Connect, Palo Alto Networks MindMeld, MISP, or other integrated applications. Threat indicators can include IP addresses, domains, URLs, and file hashes. For more information, see the Microsoft Sentinel documentation >.

Connector attributes

Connector attribute Description
Log Analytics table(s) ThreatIntelligenceIndicator
Data collection rules support Not currently supported
Supported by Microsoft Corporation

Next steps

For more information, go to the related solution in the Azure Marketplace.