Microsoft Defender for Office 365
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com/ |
| Categories | domains |
| Version | 3.0.2 |
| Author | Microsoft - support@microsoft.com |
| First Published | 2022-05-17 |
| Solution Folder | Microsoft Defender for Office 365 |
| Marketplace | Azure Marketplace · Rating: ★★★★★ 5.0/5 (1 ratings) · Popularity: 🟢 High (96%) |
The Microsoft Defender for Office 365 solution for Microsoft Sentinel enables you to ingest security alerts from the Defender for Office 365 platform, providing visibility into threats within email messages, links (URLs) and collaboration tools.
Underlying Microsoft Technologies used:
This solution is dependent on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:
a. Codeless Connector Platform/Native Microsoft Sentinel Polling
Contents
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 3 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
EmailAttachmentInfo |
- | Workbooks |
EmailEvents |
- | Workbooks |
EmailUrlInfo |
- | Workbooks |
Internal Tables
The following 1 table(s) are used internally by this solution's content items:
| Table | Used By Connectors | Used By Content |
|---|---|---|
SecurityAlert |
Microsoft Defender for Office 365 (Preview) | - |
Content Items
This solution includes 6 content item(s):
| Content Type | Count |
|---|---|
| Playbooks | 5 |
| Workbooks | 1 |
Workbooks
| Name | Tables Used |
|---|---|
| MicrosoftDefenderForOffice365 | EmailAttachmentInfoEmailEventsEmailUrlInfo |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| O365 - Block Malware file extensions | This Playbook Provides the automation on blocking the suspicious/malicious file attachment on mails | - |
| O365 - Block Sender Entity Trigger | This Playbook Provides the automation on blocking the suspicious/malicious sender | - |
| O365 - Block Spam Domain | This Playbook Provides the automation on blocking the suspicious/malicious attacker Domains | - |
| O365 - Block Suspicious Sender | This Playbook Provides the automation on blocking the suspicious/malicious senders | - |
| O365 - Delete All Malicious Inbox Rule | This Playbook provides the automation on deleting all the suspicious/malicious Inbox Rules from Prov... | - |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.3 | 07-04-2025 | Updated ConnectivityCriteria Type in Data Connector. |
| 3.0.2 | 24-04-2024 | Updated link for Custom Connector redirection in playbooks |
| 3.0.1 | 29-09-2023 | 1 new Playbook added to the solution |
| 3.0.0 | 11-07-2023 | 4 new Playbooks added to the solution |
| 1 Custom Connector added as a pre-requisite for playbooks deployment |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊