ThreatQ Integration for Microsoft Sentinel

ThreatQuotient, Inc.

The Sentinel Connector for ThreatQ exports indicators to Microsoft Sentinel via the Graph API.

The Microsoft Sentinel Connector for ThreatQ integration allows a user to export indicators directly to Microsoft Sentinel via Microsoft's Graph API. The Microsoft Graph API automatically deduplicates and updates IOCs sent to it.
The target products to which IOCs can be sent include: Azure Sentinel (default) or Microsoft Defender ATP.
The actions to take when an IOC is observed in your environment include: Unknown, Allow, Block, Alert.
The default threat types that can be applied to exported IOCs include: Botnet, C2, CryptoMining, Darknet, DDoS, MaliciousUrl, Malware, Phishing, Proxy, PUA, and WatchList (default).
The default expiration options for exported IOCs when an indicator has no expiration include: 2 Weeks (default), 1 Month, 3 Months, 6 Months, 1 Year, 5 Years.