Microsoft

Defender for Identity

Microsoft Security Graph is a unified gateway that consolidates security insights from various Microsoft products and services including Defender for Identity.

Depending on your underlying Microsoft license (e.g. E5), Sophos will ingest data from the following security telemetry sources via the graph API:

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud
  • Microsoft Defender for Cloud Apps
  • Microsoft Entra ID Protection
  • Microsoft Sentinel
  • Microsoft 365 Security & Compliance Center

Sophos MDR and Sophos XDR customers using Microsoft security solutions can strengthen their defenses against advanced threats. The integration sends Microsoft alerts to the Sophos Central platform, which are then filtered, cleaned, correlated, and in some cases, escalated for investigation by analysts.

Sophos Products

Sophos MDR/XDR Integrations

Partner Technology

Identity & Access Management

Solution Category

Sophos MDR/XDR Integrations

Resources

Microsoft Graph Security integration setup