How to integrate Kaspersky Threat Data Feeds with Microsoft Sentinel SIEM
Latest update: July 20, 2022
ID: 15908
Microsoft Sentinel is a cloud-native SIEM system which has the possibility to use Threat Intelligence Data Feeds via TAXII protocol.
To integrate Kaspersky Threat Data Feeds with Microsoft Sentinel you need to:
- Obtain your trial/commercial token for Kaspersky Threat Data Feeds from intelligence@kaspersky.com
- Configure Microsoft Sentinel 'Threat Intelligence - TAXII' connector
- Specify selected Kaspersky TAXII collections
You can download the guide here.