External Intelligence, Applied to Microsoft Azure Sentinel
RiskIQ’s integration with Microsoft Security Solutions provides security teams with the most comprehensive attack surface management solution on the market. Whether it’s finding unknown digital assets exposed on the Internet or investigating threats, RiskIQ and Microsoft will aid your efforts.
Boosting Cloud-based Investigations with Security Intelligence
With RiskIQ PassiveTotal and Microsoft, security teams will accelerate their investigations, increase their visibility, respond more effectively to threats, and maximize the impact of their existing security solutions.
- Accelerate Threat Detection and Investigation. RiskIQ PassiveTotal aggregates the most comprehensive internet security intelligence and automatically correlates with and enriches Microsoft Defender’s intelligence and insight.
- Empower Collaboration and Reduce Remediation Time. RiskIQ PassiveTotal enables enterprise security teams to seamlessly collaborate on threat investigations or incident response engagements by providing a shared, 360-degree context.
- Proactively Manage and Protect Your Digital Attack Surface. Gain complete visibility into your externally facing assets, compare that against Microsoft endpoint coverage, and assure that all of your assets are managed and protected.
Internet Intelligence as Enrichment
RiskIQ Intelligence for Microsoft enables security teams to rapidly scale and automate their threat detection and investigations. The PassiveTotal Connector will automatically ingest and store RiskIQ Intelligence directly within Microsoft Sentinel, so that it can be applied against local log information.
- Cross-reference logs with newly registered infrastructure and threat intelligence to identify suspicious activity.
- Generate high-fidelity security incidents based on blacklist, phish and scam data.
- Automate initial incident triage and enrichment with rich external intelligence from the internet, including dynamic reputation scoring.
- Build your own orchestration pipelines using the RiskIQ Flow Connector and Microsoft Logic Apps.
RiskIQ Intelligence Connector Documentation
RiskIQ has rich support for Microsoft’s Security Solutions. If you have questions, feedback or run into issues, please contact us using email@example.com. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Microsoft support for issues related to the RiskIQ applications.
Questions about the integration?
Get Started Today
Interested in Becoming a Partner?
RiskIQ and our technology partners enable our customers to maximize the value of their security infrastructure, staff, and better protect their enterprise. Together, we deliver precise detection, faster investigations, easier collaboration, automated remediation, blocking, and takedown.