Microsoft Defender for Endpoint + D3 Smart SOAR

Microsoft-Certified Endpoint Response Automation

MISA partner integration

Automated triage through D3’s Event Pipeline

Connect your entire Microsoft stack

Benefits and Capabilities

Use Case

Endpoint Incident Response
  • Ingesting alerts into Smart SOAR and updating alerts in Defender for Endpoint using API calls
  • Gathering host and artifact information, such as active users and related file events 
  • Quarantining devices and initiating scans across endpoints

Use Case

Threat Hunting
  • Trigger endpoint scans and queries to find threats across the organization
  • Automatically trigger scans for malicious hashes across endpoints
  • Schedule threat hunting playbooks, or run them based on new intelligence

Microsoft Defender Integration: Summary

Key Details
Integration certified by partner
Developed and maintained by D3
Drag integration into visual playbooks
Test integration from playbook
Automated endpoint incident response

Integrations Done the Right Way

An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.