This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Azure Sentinel and Google SecOps (SOAR) integration

Posted on 09-20-2024 06:54 AM
dhirajtec
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello Community Members,

I Need encryption details for API connection between Google SecOps SOAR and Azure Sentinel when we integrate these two platform. It would be a great help if someone can share the relevant or supporting documents.  I want to ensure  to that the connectivity can't be tampered by attacks like MITM (Man in the middle attack). 

0 2 479
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
vaskenh
Staff
Reply posted on --/--/---- --:-- AM

Hi @dhirajtec .  I've provided a link here to our SecOps integration documentation for Azure Sentinel.  In this documentation, you can find more information about the authentication and authorization parameters including the IAM role granting process, key generation, and further details related to implementing authentication.

https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/microsoft-azure-sentinel

0 Likes

Posted on --/--/---- --:-- AM
SoarAndy
Staff
Reply posted on --/--/---- --:-- AM

In this scenario SecOps is the client, and must adhere to all controls put in place by the platform offering the service, i.e. Sentinel

To understand the API security methods I would suggest studying Sentinel docs (as that is what we comply to)

0 Likes