Azure Sentinel

Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyse large volumes of data across an enterprise.

  1. In Azure Sentinel, we will use the Microsoft Management Agent (MMA) feature.

  2. Configure an HTTP Data Source to show the list of vulnerabilities in a specific application.

  3. To get the list of all vulnerabilities, use this API endpoint with the Application ID at the end (https://console.clouddefenseai.com/api-v2/integrations/application/584174528). You also need to send one header with the key “apikey”. You can obtain your API key from https://console.clouddefenseai.com/profile-management

  4. You can now configure your parser / schema within Azure Sentinel to access the different keys / values in the JSON.
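
The fetch from step 3 and one way to hand the result to Sentinel, as an added example that is not CloudDefense's or Microsoft's own code. It assumes the Log Analytics HTTP Data Collector API as the ingestion route; the environment variable names and the `CloudDefenseVulns` log type are hypothetical.

```python
import base64, hashlib, hmac, json, os
import urllib.request
from email.utils import formatdate

# Endpoint from step 3; the application ID goes at the end of the path.
VULN_URL = "https://console.clouddefenseai.com/api-v2/integrations/application/{app_id}"

def build_fetch_request(app_id, api_key):
    """GET for the vulnerability list, authenticated with the 'apikey' header."""
    return urllib.request.Request(VULN_URL.format(app_id=app_id),
                                  headers={"apikey": api_key})

def build_ingest_request(workspace_id, shared_key_b64, log_type, records, date=None):
    """Signed POST for the HTTP Data Collector API (assumed ingestion route)."""
    body = json.dumps(records).encode("utf-8")
    date = date or formatdate(usegmt=True)  # RFC 1123 date, also part of the signature
    to_sign = f"POST\n{len(body)}\napplication/json\nx-ms-date:{date}\n/api/logs"
    digest = hmac.new(base64.b64decode(shared_key_b64), to_sign.encode("utf-8"),
                      hashlib.sha256).digest()
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
        "Log-Type": log_type,   # records appear in the table <log_type>_CL
        "x-ms-date": date,
    }
    url = f"https://{workspace_id}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01"
    return urllib.request.Request(url, data=body, headers=headers, method="POST")

def forward(app_id, api_key, workspace_id, shared_key_b64, log_type="CloudDefenseVulns"):
    """Fetch the list and post it unchanged; returns the ingestion HTTP status."""
    with urllib.request.urlopen(build_fetch_request(app_id, api_key), timeout=30) as r:
        payload = json.load(r)
    # The response schema is not documented on this page, so forward it as-is.
    records = payload if isinstance(payload, list) else [payload]
    req = build_ingest_request(workspace_id, shared_key_b64, log_type, records)
    with urllib.request.urlopen(req, timeout=30) as r:
        return r.status

if __name__ == "__main__":
    # Secrets come from the environment (variable names are hypothetical).
    print(forward(os.environ["CD_APP_ID"], os.environ["CD_API_KEY"],
                  os.environ["SENTINEL_WORKSPACE_ID"], os.environ["SENTINEL_SHARED_KEY"]))
```

With this route the records land in a custom table named `CloudDefenseVulns_CL`, which is where the parser / schema from step 4 applies.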

For more detailed information, visit https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/sending-rest-api-data-to-azure-sentinel/ba-p/558896
