Cloud Services
      Back to home
      1. Help Center
      2. Integrations
      3. Cloud Services

      Microsoft Defender For Cloud - User Guide

      In this article, you will understand step by step how to easily integrate Scytale with Microsoft Defender For Cloud

      Permissions for Microsoft Defender Integration 

      • Microsoft.Security/*/read

       

      How to Connect Scytale and Microsoft Defender For Cloud

      1) In Scytale, go to 'Integrations'.

       2) Search for Microsoft Defender and select 'Connect'.

      3) Paste your Application ID, Secret Value and Directory ID.

      Learn how to create these credentials below.

      3) Add a connection name - this will be used to differentiate between your connections - and then select 'Connect'.

       

      You have now successfully connected to Microsoft Defender!

       

      How To Create Credentials In Microsoft Defender

      1.) Log in to your Azure Portal and select 'App registrations' in the left menu.

      2.) Select 'New registration' and fill in the following details:

        • Name - you can choose a name.
        • Supported account types - the first option must be selected - "Accounts in this organizational directory only (Default Directory only - Single tenant)".
        • Under the Redirect URI - Select web, and paste the following URI: https://api.scytale.ai/integrations/microsoft-graph/callback/microsoft-graph
        • Click on Register.

      3.) In the overview tab of the application, refer to the information under "Essentials", copy (you'll use it for Scytale connection):
        • Application (Client) ID.
        • Directory (tenant) ID.

      4.) Go back to 'App registrations' and select the application you just created.

      Go to 'Certificates & secrets' and select 'New client secret'

      The Description will expires so we recommend selecting 24 months (we cannot collect data after the key expires).


      5. Select 'Add' and copy the Secret Value.