![]() ![]() After a few seconds, you’ll see the server being listed below: Username and password: put the API key and password you’ve got on the earlier stepsįinally, click Add button. On Microsoft Sentinel go to: Data Connectors > Threat Intelligence (TAXII) > click Open connector pageįill-out the connector page with the information:Ĭollection ID: put any collection ID you grab on the earlier step (in this example, I’ve chosen 9a368014-0b34-540c-b767-333d32d66924) ![]() Now that we’ve all information we need, let’s add the Connector. In this scenario, we’ll connect via Threat Intelligence TAXII connector.įor more detailed information about others connectors, I do recommend you read the article. You can do this via: Threat Intelligence Platforms connector, Threat Intelligence TAXII connector or you can easily build a custom connector for this. Add the ConnectorĪzure Sentinel provides interesting ways to ingest your Threat Intel feed. In this scenario, we’ll choose one of the Collections IDs returned by the command above. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |