As part of the effort to leverage Cloud Security workflows such as Elastic CSPM and CNVM for 3rd party integrations, the vulnerability data from Microsoft Defender for Endpoint needs to be enriched, just like the previous enhancements for Wiz, Qualys VMDR, and Rapid7 InsightVM.
For this work, the microsoft_defender_endpoint.vulnerability data stream, which ingests exported vulnerabilities of assets, must be enriched to support the Elastic CNVM workflow.
Tasks: