Zimperium Mobile Threat Defense connector for Microsoft Sentinel
Zimperium Mobile Threat Defense connector gives you the ability to connect the Zimperium threat log with Microsoft Sentinel to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's mobile threat landscape and enhances your security operation capabilities.
| Connector attribute | Description |
| --- | --- |
| Log Analytics table(s) | ZimperiumThreatLog_CL |
| Data collection rules support | Not currently supported |
All threats with threat vector equal to Device

```kusto
ZimperiumThreatLog_CL
| where threat_vector_s == "Device"
| limit 100
```

All threats for devices running iOS

```kusto
ZimperiumThreatLog_CL
| where device_os_s == "ios"
| order by event_timestamp_s desc nulls last
```

View latest mitigations

```kusto
ZimperiumMitigationLog_CL
| order by event_timestamp_s desc nulls last
```
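As a starting point for a custom alert, the following added example (not part of the vendor's documentation) flags threat vector and device OS combinations whose count in the last hour exceeds a multiple of their average hourly count over the preceding seven days. It uses only the columns shown in the sample queries plus the standard Log Analytics `TimeGenerated` column; the window sizes and the spike factor are constructed values to tune for your environment.

```kusto
// Added example: spike detection over ZimperiumThreatLog_CL.
// baselineWindow, recentWindow and spikeFactor are constructed values.
let baselineWindow = 7d;
let recentWindow = 1h;
let spikeFactor = 3.0;
// Average hourly count per threat vector and device OS, excluding the most recent hour.
let baseline = ZimperiumThreatLog_CL
    | where TimeGenerated between (ago(baselineWindow + recentWindow) .. ago(recentWindow))
    | summarize BaselineTotal = count() by threat_vector_s, device_os_s
    | extend BaselinePerHour = todouble(BaselineTotal) / (baselineWindow / 1h);
ZimperiumThreatLog_CL
| where TimeGenerated > ago(recentWindow)
| summarize RecentCount = count() by threat_vector_s, device_os_s
// Left outer join keeps combinations that have no baseline at all.
| join kind=leftouter (baseline) on threat_vector_s, device_os_s
// A missing baseline becomes 0, so a combination never seen before is always flagged.
| extend BaselinePerHour = coalesce(BaselinePerHour, 0.0)
| where RecentCount > spikeFactor * BaselinePerHour
| project threat_vector_s, device_os_s, RecentCount, BaselinePerHour
| order by RecentCount desc
```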
Vendor installation instructions
Configure and connect Zimperium MTD
- In zConsole, click Manage on the navigation bar.
- Click the Integrations tab.
- Click the Threat Reporting button and then the Add Integrations button.
- Create the Integration:
  - From the available integrations, select Microsoft Sentinel.
  - Enter your workspace ID and primary key from the fields below, then click Next.
  - Fill in a name for your Microsoft Sentinel integration.
  - Select a Filter Level for the threat data you wish to push to Microsoft Sentinel.
  - Click Finish.
- For additional instructions, please refer to the Zimperium customer support portal.
For more information, go to the related solution in the Azure Marketplace.