Integration-Microsoft Defender Endpoint

255703

OpenText OpenText Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

OpenText | OpenText Community

Microsoft Defender Endpoint Integration for ArcSight SOAR

121 downloads

Product compatibility

ArcSight SOAR

Description

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent , detect, investigate, and respond to advanced threats.

The Integration Plugin has been developed with eleven action capabilities (Add Machine Tag, Assign Alert, Isolate Machine, Remove Machine Tag, Restrict Code Execution, Stop & Quarantine File, Unrestrict Code Execution, Update Alert Classification, Update Alert Comment, Update Alert Determination, Update Alert Status) and sixteen enrichment capabilities (Get Alert by ID, Get Domain Statistics, Get File Information, Get File Related Machines, Get File Statistics, Get Installed Software, Get IP Statistics, Get Login Users, Get Machine Details, List Alerts, List Alerts by Severity, List Alerts by Status, List File Related Alerts, List Machines, List Machines By Tag, List User Related Alerts)

Releases

Release

Size

Date

ArcSight SOAR 3.3

339.6 KB

Oct 5, 2022

More info Less info

Product compatibility

ArcSight SOAR

Version 3.0 · 3.1 · 3.2

Release notes

https://www.microfocus.com/documentation/arcsight

Languages

English

Files

(10.7 KB)

(410.3 KB)

Marketplace

Marketplace

Integration-Microsoft Defender Endpoint

Product compatibility

CATEGORY

Description

Releases

Sign in

Marketplace

Integration-Microsoft Defender Endpoint

App Support Tiers

Product compatibility

CATEGORY

Description

Releases

Unsubscribe from notifications

Marketplace Terms of Service

Your download has begun