This article details the requirements to integrate your Microsoft security product with Red Canary.
Red Canary alert ingestion requirements
Supported alert sources
- Azure Active Directory Identity Protection v2
- Microsoft 365 Defender v2
- Microsoft Defender for Cloud Apps v2
- Microsoft Defender for Endpoint v2
- Microsoft Defender for Identity v2
- Microsoft Defender for Office 365 v2
Required Microsoft licenses
To send alerts from Microsoft 365 Defender to Red Canary, one of the following licenses is required. For more information, see Licensing requirements.
- Microsoft 365 E5 or A5
- Microsoft 365 E3 with the Microsoft 365 E5 Security add-on
- Microsoft 365 E3 with the Enterprise Mobility + Security E5 add-on
- Microsoft 365 A3 with the Microsoft 365 A5 Security add-on
- Windows 10 Enterprise E5 or A5
- Windows 11 Enterprise E5 or A5
- Enterprise Mobility + Security (EMS) E5 or A5
- Office 365 E5 or A5
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Defender for Office 365 (Plan 2)
Red Canary Microsoft Sentinel integration requirements
Required Microsoft licenses
For more information, see Pre-deployment activities and prerequisites for deploying Microsoft Sentinel.
Comments
0 comments
Please sign in to leave a comment.