CloudDefense.AI
  • Connect Repositories
    • Scan a Github/Gitlab
    • Scan an Azure DevOps repository
    • Scan a Bitbucket repository
  • Scans
    • Written code Scan (SAST)
    • Open Source Libraries Scan (SCA)
    • Secrets Scan
    • DAST Scans
    • API Scan from CloudDefense UI
  • CI/CD
    • GitHub Enterprise Actions
    • Methods for CI/CD integration with CLI
    • CI/CD Policies
    • Jenkins integration with cdefence
  • Integration
    • IaC on GCR Scan
    • IaC on Amazon ECR Scan
    • IaC on Docker Hub Scan
    • Integration with ServiceNow
    • Integration with Jira
    • SSO Okta App Integration
    • Set up CloudDefense Single Sign-On (SSO)
    • SIEM
      • Azure Sentinel
      • IBM Qradar
      • Micro Focus ArcSight Logger
  • Features
    • Sharing Integration
    • How to Enable Multi-Factor Authentication
    • AUTO PR
    • Remediation using SAST Recommendations
    • Global Allowed List and Local allowed list - Documentation
    • File Exclude
  • CloudDefense CLI
    • Cloud Defense CLI
  • On-Prem Installation
    • Install CloudDefense Helm on a Kubernetes Cluster
    • Install CloudDefense suite on a Kubernetes cluster
  • Others
    • Team Management
    • User Management
    • App Management
    • LogIn/Signup process
Powered by GitBook
On this page
  1. Integration
  2. SIEM

Azure Sentinel

Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyse large volumes of data across an enterprise.

  1. Get API key from - https://console.clouddefenseai.com/profile-management

  2. Now in your Azure Sentinel, we will use the Microsoft Management Agent (MMA) feature.

  3. Let’s configure HTTP Data Source for showing a list of vulnerabilities in any specific application

  4. Use this API endpoint with Application ID in end, to get list of all vulnerabilities, https://console.clouddefenseai.com/api-v2/integrations/application/584174528, you also need to send 1 header with key “apikey” and you can obtain your api key from - https://console.clouddefenseai.com/profile-management

  5. Now, you can configure your parser / schema within Azure Sentinel, to access different key / values from json.

For more detailed information visit this - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/sending-rest-api-data-to-azure-sentinel/ba-p/558896

PreviousSIEMNextIBM Qradar

Last updated 2 years ago