CybSafe’s new ability to integrate with Microsoft Defender allows you to automatically feed us a broader range of security behaviour and events data.
To explore more on our security behaviours, take a look at our amazing SebDB!
CybSafe will then map this new data back to the relevant security behaviours, and use it to enhance our reporting back to you.
Currently actively tracking anti virus status for all registered user machines and feed this info into our behaviour reporting on a weekly basis.
The integration is in active development and will have more data be synced to the CybSafe platform in the coming months.
Note: This feature is not yet fully released, so you’ll only have access if you’ve opted-in to early releases. If you’ve opted-out, you'll get access when this feature is released fully.
How to set up the MS Defender integration
Follow the steps below to setup the integration between CybSafe and MS Defender.
🆔 Step 1: Obtain your Azure AD tenant_id
. You can find this in your Azure Active Directory.
🤞 Step 2: Click on the 'Complete Setup' at the bottom of the integrations page.
✍️ Step 3: You will be directed to a form, please enter your tenant_id and click submit.
⚙️ Step 4: You will be directed to the relevant MS Portal to grant permissions for the integration. The permissions required are:
- User.Read.All: Read all users’ full profiles
- Machine.Read.All: Read all machine profiles
You will be asked to login and be shown some information about the connection, please accept the permissions to complete the integration. 👇
And that's it! You are all done. 🏖️
Still have questions?
If you still have questions, you can contact the CybSafe team via [email protected]. We’re on hand to help resolve any further issues!