Microsoft

Defender for Endpoint

Microsoft Security Graph is a unified gateway that consolidates security insights from various Microsoft products and services, including Defender for Endpoint.

Depending on your underlying Microsoft license (e.g., E5), Sophos will ingest data from the following security telemetry sources via the Graph API:

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud
  • Microsoft Defender for Cloud Apps
  • Microsoft Entra ID Protection
  • Microsoft Sentinel
  • Microsoft 365 Security & Compliance Center

Sophos MDR and Sophos XDR customers using Microsoft security solutions can strengthen their defenses against advanced threats. The integration sends Microsoft alerts to the Sophos Central platform, where they are filtered, cleaned, correlated and, in some cases, escalated for investigation by analysts.

Sophos Products

Sophos MDR/XDR Integrations

Partner Technology

Cloud

Data Security

Endpoint Security

Identity & Access Management

Messaging Security