Microsoft Defender Endpoint Integration
Introduction
This guide will help you integrate Microsoft Defender Endpoint with Sprinto to track and monitor vulnerabilities.
Microsoft Defender for Endpoint is a comprehensive security solution designed to protect enterprise environments from advanced threats. It provides features such as endpoint detection and response (EDR), threat and vulnerability management, attack surface reduction, and automated investigation and remediation.
How does this integration help
This integration helps Sprinto monitor vulnerabilities from the Microsoft Defender Endpoint service and ensures that they are resolved within the defined SLA to meet compliance requirements.
Available Sprinto checks
Below are the available Sprinto checks for Microsoft Defender Endpoint integration:
Microsoft Defender for Endpoints vulnerability alert should be resolved within SLA
The Sprinto check starts failing if any detected vulnerability is in the open status on the integrated account.
How to fix: Take the required action to resolve the detected vulnerability, then update the vulnerability status to Closed on the integrated account. Sprinto detects the status change and sets the check status to “Passing.”
Before you begin
Log in to the Sprinto admin portal with your credentials.
Ensure you have Admin access to the Microsoft Defender Endpoint account to perform this integration.
This integration is powered by Leen. Sprinto utilizes Leen’s API for dataflow on Sprinto.
Procedure
Integrate Microsoft Defender Endpoint with Sprinto.
From the Sprinto admin portal, navigate to Security Hub > Settings > Integrations and select the Available tab.
Click Connect next to Microsoft Defender Endpoint.
Read the on-screen instructions and click Next.
Select the acknowledgment checkbox, and click Connect to Microsoft Defender for Endpoint. Note: Ensure pop-up windows are enabled in your browser.
Click Connect.
Log in to your Microsoft account and follow the on-screen instructions to grant Sprinto the necessary permissions.
Add Microsoft Defender Endpoint as a vulnerability monitoring source.
Navigate to Security Hub > Vulnerabilities > Overview, and click + Add monitoring source.
Click Choose next to Microsoft Defender Endpoint.
Click Add Microsoft Defender Endpoint.
Support
Please get in touch with our support team if you have any queries related to the integration or need any assistance.