NordStellar for Microsoft Sentinel
Solution: NordStellar
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Publisher | NordStellar |
| Support Tier | Partner |
| Support Link | https://nordstellar.com |
| Categories | Security - Threat Intelligence,Security - Threat Protection |
| Version | 3.0.0 |
| Author | Nord Security Inc. - support@nordstellar.com |
| First Published | 2026-05-27 |
| Last Updated | 2026-06-05 |
| Solution Folder | NordStellar |
| Marketplace | Azure Marketplace · Popularity: 🔵 Medium (56%) |
The NordStellar solution for Microsoft Sentinel pushes real-time threat intelligence and exposure events from NordStellar's Leaked Data, Dark Web Monitoring, Domain Squatting, and Attack Surface modules into a unified NordStellar_CL table using the Codeless Connector Framework (CCF) Push pattern.
Underlying Microsoft Technologies used:
This solution takes a dependency on the following technologies, and some may be in Preview state or result in additional ingestion or operational costs:
a. Azure Monitor Logs Ingestion API
c. Microsoft Entra application registrations
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 1 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
NordStellar_CL |
NordStellar (Push) | - |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.0 | 27-05-2026 | Initial release of the NordStellar (Push) connector built on the Codeless Connector Framework. Adds a unified NordStellar_CL table, a Data Collection Rule with KQL transform, OAuth 2.0 client-credentials authentication, and support for all NordStellar event types across the Leaked Data, Dark Web Monitoring, Domain Squatting, and Attack Surface modules. |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊