![]() ![]() Integrated with Microsoft Sentinel, Kaspersky Threat Data Feeds expands a company’s capacity to make timely, informed decisions about adversaries’ actions by leveraging globally sourced, context-rich and immediately actionable threat information. Today we are announcing the availability of the Kaspersky TAXII server which allows you to get threat intelligence data from Kaspersky into Microsoft Sentinel using the TAXII data connector.īenefits of Kaspersky + Microsoft Sentinel Integration The Threat Intelligence – TAXII data connector is essentially a built-in TAXII client in Microsoft Sentinel to import threat intelligence from TAXII 2.x servers. This data connector supports pulling data from TAXII 2.0 and 2.1 servers. This data connector in Microsoft Sentinel uses the TAXII protocol for sharing data in STIX format which is one of the most widely adopted standard for sharing threat intelligence across the industry. One of the ways to bring in threat intelligence data into Microsoft Sentinel is using the Threat Intelligence – TAXII Data connector. Microsoft Sentinel allows various ways to import threat intelligence data and use it in various parts of the product like hunting, investigation, analytics, workbooks etc. Microsoft Sentinel is a cloud native SIEM and SOAR solution that allows you to detect and hunt for actionable threats. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |