⚠️ ZeroFox Enterprise - Botnet Compromised Credentials

⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Connectors Index

Attribute Value
Connector ID ZeroFoxBotnetCCDefinition
Publisher ZeroFox Enterprise
Used in Solutions ZeroFox Threat Intelligence
Collection Method CCF
Connector Definition Files ZeroFoxThreatIntelligence_BotnetCC_ConnectorDefinition.json
DCR Definition Files ZeroFoxThreatIntelligence_BotnetCC_DCR.json
CCF Configuration ZeroFoxThreatIntelligence_BotnetCC_PollerConfig.json
CCF Capabilities JwtToken, Paging

Collects botnet compromised credentials data from the ZeroFox API into Microsoft Sentinel.

Tables Ingested

This connector ingests data into the following tables:

Table Transformations Ingestion API Lake-Only
ZeroFoxBotnetCC_CL ? ?

💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.

Permissions

Resource Provider Permissions:

Custom Permissions:

Setup Instructions

⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

1. Connect ZeroFox to Microsoft Sentinel

To enable the connector, provide the required information below and click Connect.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Connectors Index