Better integration with defender and seintenl

%3CLINGO-SUB%20id%3D%22lingo-sub-2351635%22%20slang%3D%22en-US%22%3EBetter%20integration%20with%20defender%20and%20seintenl%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2351635%22%20slang%3D%22en-US%22%3EAre%20there%20any%20plans%20for%20better%20integration%20for%20how%20events%20are%20handled%20with%20the%20two%20applications%3F%20Is%20it%20possible%20that%20if%20incident%20is%20closed%20in%20security%20get%20automaticity%20gets%20closed%20in%20seintel%20and%20vise%20versa%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2351753%22%20slang%3D%22en-US%22%3ERE%3A%20Better%20integration%20with%20defender%20and%20seintenl%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2351753%22%20slang%3D%22en-US%22%3EWe%20are%20currently%20in%20the%20process%20of%20supporting%20bi-directional%20sync%20between%20Azure%20Sentinel%20and%20the%20respective%20solutions%20part%20of%20Microsoft%20365%20Defender.%20Azure%20Defender%20is%20part%20of%20the%20roadmap%3C%2FLINGO-BODY%3E
New Contributor
Are there any plans for better integration for how events are handled with the two applications? Is it possible that if incident is closed in security get automaticity gets closed in seintel and vise versa
6 Replies
We are currently in the process of supporting bi-directional sync between Azure Sentinel and the respective solutions part of Microsoft 365 Defender. Azure Defender is part of the roadmap
Great question. Improving better together scenarios between Azure Defender and Azure Sentinel is a priority for our engineering team. We have received this feedback before, we are looking into it.

@shane007 - Hi Shane - Yes, this is supported - please see this blog post that discusses the bi-directional status updating between M365 Defender and Sentinel as part of their deep integration

Hello Shane, yes we are working on this capability to a better sync between the alerts from Azure Defender to Azure Sentinel. We actually talked about this during this episode of Azure Security Center in the Field https://youtu.be/uHUlncHm_DA
That’s great. Cause it sure is a pain closing out event’s twice!
I understand that Automation rules and playbooks cannot be used with bidirectional sync settings.
Is this correct?
www.000webhost.com