If you’re a long-time Azure Sentinel customer, there’s a good chance you enabled the Azure Defender connector long ago and have never gone back into the original connector to look around. I mean if everything is working…who does that, right?
There’s a new(er) preview capability in this connector that you need to toggle if you want to enable the bi-directional sync of alerts between Azure Sentinel and Azure Defender (ASC).
As shown in the image, simply changing the selection to Enabled turns this capability on.
To learn more about some of the additional capabilities that come with this, see Craig’s Azure Defender and Azure Sentinel Alerts Bi-Directional Sync which includes how to create Sample alerts in Defender.
=========================
[Want to discuss this further? Hit me up on Twitter or LinkedIn]
[Subscribe to the RSS feed for this blog]
[Subscribe to the Weekly Azure Sentinel Newsletter]
One thought on “How to Enable Bi-directional Alert Sync Between Azure Sentinel and Azure Defender”