Sophos Community

Sophos XDR

Sophos MDR integrations are now GA. Up-to-date documentation can be found at the following link: Microsoft

Each of the Sophos products provides detection and audit information that is available in the data lake. The Sophos XDR product includes two additional integrations for Microsoft at no additional charge.

Microsoft - Office 365 Management Activity: Office 365 Management Activity includes information about user, admin, system, and policy actions and events from Office 365 and Azure AD activity logs.

Office 365 Management Activity provides audit information on user and admin activity related to authentication, email notifications, and changes to policy. This integration is valuable for threat hunters to better understand detections from other integrations and from the Microsoft Graph Security API.

Microsoft - Graph Security API: Adds security alerts from Microsoft and Microsoft partner products to the Sophos Data Lake.

© 1997 - 2023 Sophos Ltd. All rights reserved.