Microsoft

Defender for Endpoint

The Microsoft Graph security API is a unified gateway that consolidates security insights from various Microsoft products and services, including Defender for Endpoint.

Depending on your underlying Microsoft license (e.g. E5), Sophos will ingest data from the following security telemetry sources via the Graph API:

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Identity
  • Microsoft Entra ID Protection
  • Microsoft 365 Defender
  • Microsoft Purview Data Loss Prevention

Sophos MDR and Sophos XDR customers using Microsoft security solutions can strengthen their defenses against advanced threats. The integration sends Microsoft alerts to the Sophos Central platform, where they are filtered, cleaned, correlated and, in some cases, escalated for investigation by analysts.

Sophos Products

  • Sophos MDR/XDR Integrations

Partner Technology

  • Cloud
  • Data Security
  • Endpoint Security
  • Identity & Access Management
  • Messaging Security

Solution Category

  • Sophos MDR/XDR Integrations