Silverfort for Microsoft Sentinel

Solution: Silverfort

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Attribute	Value
Publisher	Silverfort
Support Tier	Partner
Support Link	https://www.silverfort.com/customer-success/#support
Categories	domains
Version	1.0.0
Author	Silverfort
First Published	2024-09-01
Solution Folder	Silverfort
Marketplace	Azure Marketplace · Popularity: 🔵 Medium (65%)

The Silverfort ITDR Admin Console connector solution allows ingestion of Silverfort events and logging into Microsoft Sentinel. Silverfort provides syslog based events and logging using Common Event Format (CEF). By forwarding your Silverfort ITDR Admin Console CEF data into Microsoft Sentinel, you can take advantage of Sentinels's search & correlation, alerting, and threat intelligence enrichment on Silverfort data. Please contact Silverfort or consult the Silverfort documentation for more information.

Data Connectors
Tables Used
Content Items

Data Connectors

This solution provides 1 data connector(s):

Silverfort Admin Console

Tables Used

This solution uses 1 table(s):

Table	Used By Connectors	Used By Content
`CommonSecurityLog`	Silverfort Admin Console	Analytics, Workbooks

Content Items

This solution includes 5 content item(s):

Content Type	Count
Analytic Rules	4
Workbooks	1

Analytic Rules

Name	Severity	Tactics	Tables Used
Silverfort - Certifried Incident	High	PrivilegeEscalation	`CommonSecurityLog`
Silverfort - Log4Shell Incident	High	InitialAccess	`CommonSecurityLog`
Silverfort - NoPacBreach Incident	High	PrivilegeEscalation	`CommonSecurityLog`
Silverfort - UserBruteForce Incident	High	CredentialAccess	`CommonSecurityLog`

Workbooks

Name	Tables Used
SilverfortWorkbook	`CommonSecurityLog`

Release Notes

Version	Date Modified (DD-MM-YYYY)	Change History
3.0.0	13-09-2024	Initial Solution Release