Skip to main content

Microsoft Defender

Microsoft Defender API Integration

Fluency has the ability to integrate with Microsoft 365 Defender APIs.

Azure: Creating an Application

The following steps to use these APIs:

  • Create an Azure Active Directory (Azure AD) application.
  • Get an access token using this application.
  • Use the token to access Microsoft 365 Defender API.

Refer to Microsoft's documentation for creating an application: https://learn.microsoft.com/en-us/microsoft-365/security/defender/api-create-app-web?view=o365-worldwide

The "Tenant ID", "Application ID" and "Application secret" from the above link will be needed in the next steps in Fluency.

Fluency: Adding an Integration

Login to the Fluency Cloud portal: https://(companyname).cloud.fluencysecurity.com.

Open the dropdown menu and choose the Cloud Integrations option under the Data Ingress section.

On the following page, navigate to the Cloud Infrastructure as a Service section.

To add a new integration, click the Microsoft Defender icon from the list on the left side of the page.

To view an existing integration, look for the Microsoft Defender integration endpoint from the list on the right side of the page, and choose the gear icon.

In the pop-up window, provide a Customer name for this integration. Normally, this will just be the name of your organization. This value will be used solely within Fluency.

Fill out the other required information, using the information from the previous step.

Click the Save button to add the integration endpoint.

Page last updated: 2023 Oct 26