Zimperium Mobile Threat Defense connector for Microsoft Sentinel

Zimperium Mobile Threat Defense connector gives you the ability to connect the Zimperium threat log with Microsoft Sentinel to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's mobile threat landscape and enhances your security operation capabilities.

This is autogenerated content. For changes, contact the solution provider.

Connector attributes

Connector attribute Description
Log Analytics table(s) ZimperiumThreatLog_CL
Data collection rules support Not currently supported
Supported by Zimperium

Query samples

All threats with threat vector equal to Device


| where threat_vector_s  == "Device" 

| limit 100

All threats for devices running iOS


| where device_os_s == "ios" 

| order by event_timestamp_s  desc nulls last

View latest mitigations


| order by event_timestamp_s  desc nulls last

Vendor installation instructions

Configure and connect Zimperium MTD

  1. In zConsole, click Manage on the navigation bar.
  2. Click the Integrations tab.
  3. Click the Threat Reporting button and then the Add Integrations button.
  4. Create the Integration:
  • From the available integrations, select Microsoft Sentinel.
  • Enter your workspace id and primary key from the fields below, click Next.
  • Fill in a name for your Microsoft Sentinel integration.
  • Select a Filter Level for the threat data you wish to push to Microsoft Sentinel.
  • Click Finish
  1. For additional instructions, please refer to the Zimperium customer support portal.

Next steps

For more information, go to the related solution in the Azure Marketplace.