Microsoft Graph Security Threat Indicators Integration User Guide

The ThreatConnect^® integration with Microsoft® Graph Security Threat Indicators enables users to send Indicators from ThreatConnect into Microsoft Graph Security for alerting and blocking with target products like Azure^® Sentinel and Microsoft Defender ATP™.

The integration supports Indicator types of Address, Host, CIDR, URL, User Agent, Email Address, Email Subject, and File (MD5, SHA1, and SHA256), along with the relevant context for each Indicator type.

  

ThreatConnect^® is a registered trademark of ThreatConnect, Inc.
Azure^® and Microsoft^® are registered trademarks, and Defender ATP™ is a trademark, of Microsoft Corporation.