Zimperium Mobile Threat Defense CCF

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Connectors Index

Attribute Value
Connector ID ZimperiumMTDPush
Publisher Zimperium
Used in Solutions Zimperium Mobile Threat Defense
Collection Method CCF Push
Connector Definition Files ZimperiumMTD_connectorDefinition.json
DCR Definition Files ZimperiumMTD_DCR.json
CCF Configuration ZimperiumMTD_dataConnector.json
CCF Capabilities Push
Ingestion API Log Ingestion APICCF Push connectors use DCR-based Log Ingestion API
Microsoft Learn View on Learn

Zimperium Mobile Threat Defense connector gives you the ability to connect the Zimperium threat log with Microsoft Sentinel to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's mobile threat landscape and enhances your security operation capabilities.

Tables Ingested

This connector ingests data into the following tables:

Table Transformations Ingestion API Lake-Only
ZimperiumMitigationLogV2_CL ? ?
ZimperiumThreatLogV2_CL ? ?

💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.

Permissions

Resource Provider Permissions:

Custom Permissions:

Setup Instructions

⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

1. Create ARM Resources and Provide the Required Permissions

This connector enables your Zimperium MTD application to push device threats directly to Microsoft Sentinel via the Azure Monitor Ingestion API.

Automated Configuration and Secure Data Ingestion with Entra Application

Clicking on "Deploy" will trigger the creation of a Log Analytics table and a Data Collection Rule (DCR). It will then create an Entra application, link the DCR to it, and set the entered secret in the application. This setup enables data to be sent securely to the DCR using an Entra token. Deploy Zimperium MTD Push connector resources

2. Configure and connect Zimperium MTD

  1. In zConsole, click Account Management on the navigation bar.
  2. Click the Data Export side tab.
  3. Click the Add Data Export Configuration button.
  4. Create the Configuration:
    • Name: Name to describe this configuration.
    • Description: Description to describe this configuration.
    • Data Type: Select datatype as Threat.
    • Destination Type: From the available destination types, select Microsoft Sentinel.
    • Severity Criteria: Select a Filter Level for the threat data you wish to push to Microsoft Sentinel.
    • External Tracking Id 1: This is an optional criterion to match for exported data.
    • External Tracking Id 2: This is an optional criterion to match for exported data.
    • Tenant Id: Enter from the fields below.
    • Entra App Registration Application ID: Enter from the fields below.
    • Entra App Registration Secret: Enter from the fields below.
    • Data Collection Endpoint Uri: Enter from the fields below.
    • Data Collection Rule Immutable ID: Enter from the fields below.
    • Click Save Configuration.
  5. For additional instructions, please refer to the Zimperium customer support portal.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Connectors Index