Azure Sentinel is a cloud-native security information and event management (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise. By integrating Azure Sentinel with CloudDefense.ai, you can seamlessly monitor and analyze security vulnerabilities in your applications within a unified platform.
Setting Up Azure Sentinel Integration
Obtain the API Key from CloudDefense.ai:
Log in to CloudDefense.ai and navigate to Profile Management, or jump directly with this URL: https://console.clouddefenseai.com/profile-management
Copy your API key from the Profile Management page.
Configure Microsoft Management Agent (MMA):
In Azure Sentinel, configure the Microsoft Management Agent (MMA) feature.
Set Up the HTTP Data Source:
Configure an HTTP Data Source to list vulnerabilities for a specific application.
Use the following API endpoint, replacing {application-id} at the end with your application's ID, to retrieve the list of all vulnerabilities:
https://console.clouddefenseai.com/api-v2/integrations/application/{application-id}
Add a header with the key API key, and paste the API key you copied from the Profile Management page as its value.
Create a Parser/Schema in Azure Sentinel:
Create a parser/schema within Azure Sentinel to access the key-value pairs from the JSON response.
Example JSON Schema
Below is an example schema that you can use to parse vulnerability data.
For detailed information on sending REST API data to Azure Sentinel, visit the Microsoft Tech Community guide: https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/sending-rest-api-data-to-azure-sentinel/ba-p/558896
Benefits
Unified Monitoring: Seamlessly track vulnerabilities across all your applications within Azure Sentinel.
AI-Powered Analysis: Leverage built-in AI to analyze large volumes of security data and prioritize remediation efforts.
Customizable Alerts: Create tailored alerts based on vulnerability severity, status, and more.
By following these steps, you'll integrate Azure Sentinel with CloudDefense.ai, allowing your organization to effectively monitor and respond to security vulnerabilities across your applications.