paulmataruso/main

mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-10-23 00:02:11 +00:00

Files

History

taylor_socfortress 32911f51a4 Update 109000-microsoft_defender.xml

2023-08-23 12:22:16 -05:00

..

109000-microsoft_defender.xml

Update 109000-microsoft_defender.xml

2023-08-23 12:22:16 -05:00

defender_for_endpoint_alerts.py

Update defender_for_endpoint_alerts.py

2022-10-25 13:00:45 -05:00

defender_for_endpoint_non_alert.py

Update defender_for_endpoint_non_alert.py

2023-08-23 09:56:22 -05:00

README.md

Update README.md

2022-08-20 08:22:29 -05:00

README.md

Office Defender For Endpoint Integration

Microsoft Defender for Endpoint has an API that we can interact with to pull alerts and events through Wazuh. The python scripts will pull events from the supported Defender for Endpoint API queries. These can be tied to a cronjob to pull during set intervals.

Endpoint APIs - Access the Microsoft Defender for Endpoint APIs

Need Help?

SOCFortress - - info@socfortress.co

Let SOCFortress Professional Services Take Your Open Source SIEM to the Next Level