Skip to content

Commit b8885ee

Browse files
cwatson-catcwatson-cat
committed
Upd dates and requiremet info about Sentinel access
1 parent 80fc386 commit b8885ee

File tree

5 files changed

+6
-6
lines changed

5 files changed

+6
-6
lines changed

defender-xdr/mto-advanced-hunting.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ ms.collection:
1414
- tier1
1515
- usx-security
1616
ms.topic: conceptual
17-
ms.date: 08/07/2024
17+
ms.date: 08/19/2024
1818
appliesto:
1919
- Microsoft Defender XDR
2020
- Microsoft Sentinel in the Microsoft Defender portal

defender-xdr/mto-incidents-alerts.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ ms.collection:
1414
- tier1
1515
- usx-security
1616
ms.topic: conceptual
17-
ms.date: 08/07/2024
17+
ms.date: 08/19/2024
1818
appliesto:
1919
- Microsoft Defender XDR
2020
- Microsoft Sentinel in the Microsoft Defender portal

defender-xdr/mto-overview.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ ms.collection:
1313
- tier1
1414
- usx-security
1515
ms.topic: conceptual
16-
ms.date: 08/07/2024
16+
ms.date: 08/19/2024
1717
appliesto:
1818
- Microsoft Defender XDR
1919
- Microsoft Sentinel in the Microsoft Defender portal

defender-xdr/mto-requirements.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ ms.collection:
1313
- tier1
1414
- usx-security
1515
ms.topic: conceptual
16-
ms.date: 08/07/2024
16+
ms.date: 08/19/2024
1717
appliesto:
1818
- Microsoft Defender XDR
1919
- Microsoft Sentinel in the Microsoft Defender portal
@@ -40,7 +40,7 @@ The following table lists the basic requirements you need to use multitenant man
4040
| Microsoft Defender XDR prerequisites | Verify you meet the [Microsoft Defender XDR prerequisites](prerequisites.md)|
4141
| Multitenant access | To view and manage the data you have access to in multitenant management, you need to ensure you have the necessary access. For each tenant you want to view and manage, you need to have either: <br/> <br/> - [Granular delegated admin privileges (GDAP)](/partner-center/gdap-introduction) <br/> - [Microsoft Entra B2B authentication](/azure/active-directory/external-identities/what-is-b2b) <br/> <br/> To learn more about how to synchronize multiple B2B users across tenants, see [Configure cross-tenant synchronization](/azure/active-directory/multi-tenant-organizations/cross-tenant-synchronization-configure).|
4242
| Permissions | Users must be assigned the correct roles and permissions at the individual tenant level, in order to view and manage the associated data in multitenant management. To learn more, see: <br/><br/> - [Manage access to Microsoft Defender XDR with Microsoft Entra global roles](./m365d-permissions.md) <br/> - [Custom roles in role-based access control for Microsoft Defender XDR](./custom-roles.md)<br/><br/> To learn how to grant permissions for multiple users at scale, see [What is entitlement management](/azure/active-directory/governance/entitlement-management-overview).|
43-
| Security information and event management (SIEM) data (Optional) |To include SIEM data with the extended detection and response (XDR) data, one or more tenants must include a Microsoft Sentinel workspace onboarded to the Microsoft unified security operations platform. For more information, see [Connect Microsoft Sentinel to Microsoft Defender XDR](microsoft-sentinel-onboard.md).<br/><br/>Only one Microsoft Sentinel workspace per tenant is currently supported in the unified security operations platform. So in Microsoft Defender multitenant management, you have SIEM data from one Microsoft Sentinel workspace per tenant.|
43+
| Security information and event management (SIEM) data (Optional) |To include SIEM data with the extended detection and response (XDR) data, one or more tenants must include a Microsoft Sentinel workspace onboarded to the Microsoft unified security operations platform. For more information, see [Connect Microsoft Sentinel to Microsoft Defender XDR](microsoft-sentinel-onboard.md).<br/><br/>Only one Microsoft Sentinel workspace per tenant is currently supported in the unified security operations platform. So in Microsoft Defender multitenant management, you have SIEM data from one Microsoft Sentinel workspace per tenant.<br/><br/> Access to Microsoft Sentinel data is available through [Microsoft Entra B2B authentication](/azure/active-directory/external-identities/what-is-b2b). Microsoft Sentinel doesn't support [granular delegated admin privileges (GDAP)](/partner-center/gdap-introduction) at this time. |
4444

4545
We recommend that you set up [multifactor authentication trust](/azure/active-directory/external-identities/authentication-conditional-access) for each tenant to avoid missing data in Microsoft Defender multitenant management.
4646

defender-xdr/mto-tenants.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ ms.collection:
1414
- tier1
1515
- usx-security
1616
ms.topic: conceptual
17-
ms.date: 08/07/2024
17+
ms.date: 08/19/2024
1818
appliesto:
1919
- Microsoft Defender XDR
2020
- Microsoft Sentinel in the Microsoft Defender portal

0 commit comments

Comments
 (0)