RiskIQ & Microsoft Security Solutions

Providing Microsoft Security Solutions with Full Attack Surface Visibility

External Intelligence, Applied to Microsoft Azure Sentinel

RiskIQ’s integration with Microsoft Security Solutions provides security teams with the most comprehensive attack surface management solution on the market. Whether it’s finding unknown digital assets exposed on the Internet or investigating threats, RiskIQ and Microsoft will aid your efforts.

RiskIQ Illuminate® for Microsoft Defender and Azure Sentinel

Bridging the gap between Endpoint, SIEM and Intelligence

Boosting Cloud-based Investigations with Security Intelligence

With RiskIQ PassiveTotal and Microsoft, security teams will accelerate their investigations, increase their visibility, respond more effectively to threats, and maximize the impact of their existing security solutions.

  • Accelerate Threat Detection and Investigation. RiskIQ PassiveTotal aggregates the most comprehensive internet security intelligence and automatically correlates with and enriches Microsoft Defender’s intelligence and insight.
  • Empower Collaboration and Reduce Remediation Time. RiskIQ PassiveTotal enables enterprise security teams to seamlessly collaborate on threat investigations or incident response engagements by providing a shared, 360-degree context.
  • Proactively Manage and Protect Your Digital Attack Surface. Gain complete visibility into your externally facing assets, compare that against Microsoft endpoint coverage, and assure that all of your assets are managed and protected.

RiskIQ PassiveTotal® Services for Microsoft

Applied Internet-scale Context, Delivered Locally

Internet Intelligence as Enrichment

RiskIQ Intelligence for Microsoft enables security teams to rapidly scale and automate their threat detection and investigations. The PassiveTotal Connector will automatically ingest and store RiskIQ Intelligence directly within Microsoft Sentinel, so that it can be applied against local log information.

  • Cross-reference logs with newly registered infrastructure and threat intelligence to identify suspicious activity.
  • Generate high-fidelity security incidents based on blacklist, phish and scam data.
  • Automate initial incident triage and enrichment with rich external intelligence from the internet, including dynamic reputation scoring.
  • Build your own orchestration pipelines using the RiskIQ Flow Connector and Microsoft Logic Apps.

RiskIQ Intelligence Connector Documentation

RiskIQ has rich support for Microsoft’s Security Solutions. If you have questions, feedback or run into issues, please contact us using support@riskiq.com. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Microsoft support for issues related to the RiskIQ applications.

Questions about the integration?

Interested in Becoming a Partner?

RiskIQ and our technology partners enable our customers to maximize the value of their security infrastructure, staff, and better protect their enterprise. Together, we deliver precise detection, faster investigations, easier collaboration, automated remediation, blocking, and takedown.