As part of the effort to leverage Cloud Security workflows such as Elastic CSPM and CNVM for 3rd-party integrations, the vulnerabilities data from Microsoft Defender XDR (formerly M365 Defender) needs to be enriched, just like the previous enhancements for Wiz, Qualys VMDR, and Rapid7 InsightVM.
For this work, the m365_defender.vulnerability data stream, which ingests exported vulnerabilities of assets, must be enriched to support the Elastic CNVM workflow.
Tasks: