Educause Security Discussion mailing list archives
Data Loss Prevention and Microsoft API SIEM Integration
From: "Pardonek, Jim" <jpardonek () LUC EDU>
Date: Wed, 17 Feb 2021 19:44:22 +0000
We are working through some issues with our deployment of Microsoft DLP and the ability to get actionable reports from their Security and Compliance center. On a recent call with Microsoft, one of the engineers suggested that we look into the Office 365 Management Activity API and integrate it with our Logrhythm SIEM. Looking for information if anyone uses this API for DLP and what sort of actionable alerts they might be seeing out of it. Thanks in advance. Jim James Pardonek, MS, CISSP, CEH, GSNA Associate Director Chief Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 *: (773) 508-6086 Loyola University Chicago will never ask you for your username or password. For the latest information security news at Loyola, please follow us online, Twitter: @LUCUISO Facebook: https://www.facebook.com/lucuiso/ Our Blog http://blogs.luc.edu/uiso/ ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Data Loss Prevention and Microsoft API SIEM Integration Pardonek, Jim (Feb 17)
- Re: [External] [SECURITY] Data Loss Prevention and Microsoft API SIEM Integration Seth A. Shestack (Feb 17)