Microsoft Defender

Sections

1. Microsoft Defender API Integration
2. Azure: Creating an Application
3. Fluency: Adding an Integration

Microsoft Defender API Integration

Fluency has the ability to integrate with Microsoft 365 Defender APIs.

Azure: Creating an Application

The following steps to use these APIs:

• Create an Azure Active Directory (Azure AD) application.
• Get an access token using this application.
• Use the token to access Microsoft 365 Defender API.

Refer to Microsoft’s documentation for creating an application: https://learn.microsoft.com/en-us/microsoft-365/security/defender/api-create-app-web?view=o365-worldwide

The “Tenant ID”, “Application ID” and “Application secret” from the above link will be needed in the next steps in Fluency.

Fluency: Adding an Integration

Login to the Fluency Cloud portal: https://companyname.cloud.fluencysecurity.com.

Open the dropdown menu and choose the Cloud Integrations option under the Data Ingress section.

On the following page, navigate to the Cloud Infrastructure as a Service section.

To Add an integration, choose the “Microsoft Defender” icon from the group on the left side of the page to create a new integration endpoint.

In the pop-up window, give the integration a short name for the “Customer” field. This value will be used within Fluency interface only to distinguish the different integrations. It is suggested to avoid using spaces in this field.

Fill out the other required information, using the information from the previous step in the Duo Admin panel.

Click the “Save” button to add the integration endpoint.

Page last updated: 2023 Aug 08