Commit ccd7794

JV0812, kimsauce, jpipkin1 authored
Microsoft defender for cloud (#4789)
* Microsoft Defender for Cloud app doc
* removed the extra space
* added cid
* updated the folder
* Update sidebars.ts
* added collection details
* minor fix
* Update blog-service/2024-12-02-apps.md
  Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
* Update docs/integrations/microsoft-azure/index.md
  Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
* Update docs/integrations/microsoft-azure/microsoft-defender-for-cloud.md
  Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
* Update docs/integrations/microsoft-azure/microsoft-defender-for-cloud.md
  Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
* Update docs/integrations/microsoft-azure/microsoft-defender-for-cloud.md
  Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
* Rename 2024-12-02-apps.md to 2024-12-02-apps2.md
  renaming to distinguish two same-day apps posts

---------

Co-authored-by: Kim (Sumo Logic) <[email protected]>
Co-authored-by: John Pipkin (Sumo Logic) <[email protected]>
1 parent a05e2d8 commit ccd7794

11 files changed

+430
-1
lines changed

blog-service/2024-12-02-apps2.md

Lines changed: 22 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -0,0 +1,22 @@
1+
---
2+
title: Microsoft Defender for Cloud (Apps)
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- microsoft-defender-for-cloud
6+
- apps
7+
hide_table_of_contents: true
8+
---
9+
10+
import useBaseUrl from '@docusaurus/useBaseUrl';
11+
12+
<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
13+
14+
We're excited to introduce the new Microsoft Defender for Cloud app for Sumo Logic. This app helps you to collect the alerts, security recommendation, and regulatory compliance logs using the Sumo Logic Cloud-to-Cloud Azure Event Hub Source and by configuring the continuous export using the Event Hub instance details in the Azure portal. Key features of the Microsoft Defender for Cloud app include:
15+
16+
- Gain real-time visibility into security alerts across your Azure environment, categorized by severity (High, Medium, Low, and Informational).
17+
- Monitor trends in alert activity over time to identify spikes and recurring threats.
18+
- Leverage detailed alert summaries and remediation steps for effective threat mitigation.
19+
- Track compliance performance across critical standards, including FedRAMP, PCI DSS 4, CIS Azure Foundations, and Microsoft Cloud Security Benchmark.
20+
- Analyze threats by categories like data exfiltration, unauthorized access, and account breaches.
21+
22+
Explore our technical documentation [here](/docs/integrations/microsoft-azure/microsoft-defender-for-cloud/) to learn how to set up and use the Microsoft Defender for Cloud app for Sumo Logic.
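
Review bot: In the intro paragraph (new line 14), "security recommendation" should be plural to match "alerts" and "regulatory compliance logs", and the sentence folds the whole collection path (the Cloud-to-Cloud Azure Event Hub Source plus continuous export configured with the Event Hub instance details in the Azure portal) into one clause that is hard to parse; splitting it into two sentences would help. On new line 22, replace the bare "here" link text with a descriptive label such as "Microsoft Defender for Cloud app documentation" so the link is meaningful out of context.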

cid-redirects.json

Lines changed: 1 addition & 0 deletions
@@ -1825,6 +1825,7 @@
18251825
"/cid/1963": "/docs/integrations/sumo-apps/enterprise-audit",
18261826
"/cid/1964": "/docs/integrations/security-threat-detection/f5-big-ip-ltm",
18271827
"/cid/1965": "/docs/integrations/security-threat-detection/netskope",
1828+
"/cid/19665": "/docs/integrations/microsoft-azure/microsoft-defender-for-cloud",
18281829
"/cid/1966": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/carbon-black-cloud-source",
18291830
"/cid/1987": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source",
18301831
"/cid/1257": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/atlassian-source",

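Review bot: The added key "/cid/19665" (new line 1828) has five digits and is placed between "/cid/1965" and "/cid/1966", so it reads like a typo for a four-digit id. "/cid/1966" is already mapped to the carbon-black-cloud-source page on the next line, so that value cannot be reused; please confirm 19665 is the id the app's help link actually points at, or choose an unused id that follows the numbering of the neighbouring entries.
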
docs/integrations/microsoft-azure/index.md

Lines changed: 6 additions & 0 deletions
@@ -317,6 +317,12 @@ This guide has documentation for all of the apps that Sumo Logic provides for Mi
317317
<p>A guide to the Sumo Logic app for Azure Kubernetes Service Control Plane.</p>
318318
</div>
319319
</div>
320+
<div className="box smallbox card">
321+
<div className="container">
322+
<a href="/docs/integrations/microsoft-azure/microsoft-defender-for-cloud"><img src={useBaseUrl('img/integrations/microsoft-azure/microsoft-defender-for-cloud.png')} alt="thumbnail icon" width="75"/><h4>Microsoft Defender for Cloud</h4></a>
323+
<p>Learn about the Sumo Logic collection process for the Microsoft Defender for Cloud service.</p>
324+
</div>
325+
</div>
320326
<div className="box smallbox card">
321327
<div className="container">
322328
<img src={useBaseUrl('img/integrations/microsoft-azure/network-watcher.png')} alt="Thumbnail icon" width="50"/>
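
Review bot: The new card (new lines 320-325) is marked up differently from the card that follows it: it wraps both the <img> and the <h4> inside the <a>, uses alt="thumbnail icon" in lower case and width="75", whereas the next card places the <img> directly in the container with alt="Thumbnail icon" and width="50". Align the structure, alt text and width with the neighbouring cards so the tile renders consistently, and consider an alt text that names the product rather than "thumbnail icon".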

docs/integrations/microsoft-azure/microsoft-defender-for-cloud.md

Lines changed: 399 additions & 0 deletions
Large diffs are not rendered by default.

docs/integrations/product-list/product-list-m-z.md

Lines changed: 1 addition & 1 deletion
@@ -25,7 +25,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
2525
| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/maxmind-v2.png')} alt="Thumbnail icon" width="100"/> | [MaxMind](https://www.maxmind.com/en/home) | Automation integration: [MaxMind V2](/docs/platform-services/automation-service/app-central/integrations/maxmind-v2/) |
2626
| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/mcafee-atd.png')} alt="Thumbnail icon" width="75"/> | [McAfee](https://www.mcafee.com/) | Automation integrations: <br/>- [McAfee ATD](/docs/platform-services/automation-service/app-central/integrations/mcafee-atd/) <br/>- [McAfee ESM](/docs/platform-services/automation-service/app-central/integrations/mcafee-esm/) <br/>- [McAfee MVISION](/docs/platform-services/automation-service/app-central/integrations/mcafee-mvision/) <br/>- [McAfee Network Security Platform Manager (NSM)](/docs/platform-services/automation-service/app-central/integrations/mcafee-network-security-platform-manager-nsm/) <br/>- [McAfee Web Gateway](/docs/platform-services/automation-service/app-central/integrations/mcafee-web-gateway/) <br/>Cloud SIEM integration: [McAfee](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/20dec895-f649-4959-9717-104fb68bb5b4.md) |
2727
| <img src={useBaseUrl('img/integrations/databases/memcached.png')} alt="Thumbnail icon" width="50"/> | [Memcached](https://memcached.org/) | Apps: <br/>- [Memcached](/docs/integrations/databases/memcached/) <br/>- [Memcached - OpenTelemetry](/docs/integrations/databases/opentelemetry/memcached-opentelemetry/) |
28-
| <img src={useBaseUrl('img/integrations/misc/microsoft-logo.png')} alt="Thumbnail icon" width="100"/> | [Microsoft](https://www.microsoft.com/) | Apps: <br/>- [Azure Active Directory](/docs/integrations/microsoft-azure/active-directory-azure/) <br/>- [Microsoft Azure AD Inventory](/docs/integrations/saas-cloud/microsoft-azure-ad-inventory)<br/>- [Microsoft Dynamics 365](/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights/) <br/>- [Microsoft Exchange Trace Logs](/docs/integrations/saas-cloud/microsoft-exchange-trace-logs/) <br/>- [Microsoft Graph Azure AD Reporting](/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting/) <br/>- [Microsoft Graph Identity Protection](/docs/integrations/microsoft-azure/microsoft-graph-identity-protection/) <br/>- [Microsoft Graph Security V1](/docs/integrations/saas-cloud/microsoft-graph-security-v1/) <br/>- [Microsoft Graph Security V2](/docs/integrations/saas-cloud/microsoft-graph-security-v2/) <br/>- [Microsoft Office 365](/docs/integrations/microsoft-azure/office-365/) <br/>- [Microsoft SQL Server](/docs/integrations/microsoft-azure/sql-server/) <br/>- [Microsoft SQL Server - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry) <br/>- [Microsoft SQL Server for Linux - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry) <br/>- [Microsoft Teams](/docs/integrations/microsoft-azure/teams/)<br/>Automation integrations: <br/>- [Active Directory](/docs/platform-services/automation-service/app-central/integrations/active-directory/)<br/>- [Active Directory v2](/docs/platform-services/automation-service/app-central/integrations/active-directory-v2/) <br/>- [Microsoft 365 Defender](/docs/platform-services/automation-service/app-central/integrations/microsoft-365-defender/) <br/>- [Microsoft Azure Log Analytics](/docs/platform-services/automation-service/app-central/integrations/microsoft-azure-log-analytics/) <br/>- [Microsoft 
Azure Security Center](/docs/platform-services/automation-service/app-central/integrations/microsoft-azure-security-center/) <br/>- [Microsoft Defender ATP](/docs/platform-services/automation-service/app-central/integrations/microsoft-defender-atp/) <br/>- [Microsoft EWS](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews/) <br/>- [Microsoft EWS Daemon](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews-daemon/) <br/>- [Microsoft EWS Extension](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews-extension/) <br/>- [Microsoft Graph Security](/docs/platform-services/automation-service/app-central/integrations/microsoft-graph-security/)<br/>- [Microsoft OneDrive](/docs/platform-services/automation-service/app-central/integrations/microsoft-onedrive/) <br/>- [Microsoft Sharepoint](/docs/platform-services/automation-service/app-central/integrations/microsoft-sharepoint/) <br/>- [Microsoft Sentinel](/docs/platform-services/automation-service/app-central/integrations/microsoft-sentinel/) <br/>- [MSSQL](/docs/platform-services/automation-service/app-central/integrations/mssql/) <br/>- [Microsoft Teams](/docs/platform-services/automation-service/app-central/integrations/microsoft-teams/) <br/>Cloud SIEM integration: [Microsoft](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2b002817-fd14-49b3-a3fe-c9761275b931.md) <br/>Collectors: <br/>- [Active Directory JSON - Classic Collector](/docs/integrations/microsoft-azure/active-directory-json/) <br/>- [Active Directory JSON - OpenTelemetry Collector](/docs/integrations/microsoft-azure/opentelemetry/active-directory-json-opentelemetry/) <br/>- [Microsoft 365 Audit (Office 365 Audit) - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/microsoft-audit-office/) <br/>- [Microsoft Azure AD Inventory 
Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source/) <br/>- [Microsoft Exchange Trace Logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-exchange-trace-logs/) <br/>- [Microsoft Office 365 Audit Source](/docs/send-data/hosted-collectors/microsoft-source/ms-office-audit-source/) <br/>- [Microsoft Graph Azure AD Reporting Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-azure-ad-reporting-source/) <br/>- [Microsoft Graph Identity Protection Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-identity-protection-source/) <br/>- [Microsoft Graph Security API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source/) <br/>- [Windows Active Directory Inventory Source](/docs/send-data/installed-collectors/sources/windows-active-directory-inventory-source/) <br/>Community app: [Sumo Logic Microsoft Defender for EndPoint](https://github.com/SumoLogic/sumologic-content/tree/master/Microsoft/Defender_4_EndPoint) <br/>Webhook: [Webhook Connection for Microsoft Teams](/docs/alerts/webhook-connections/microsoft-teams/) |
28+
| <img src={useBaseUrl('img/integrations/misc/microsoft-logo.png')} alt="Thumbnail icon" width="100"/> | [Microsoft](https://www.microsoft.com/) | Apps: <br/>- [Azure Active Directory](/docs/integrations/microsoft-azure/active-directory-azure/) <br/>- [Microsoft Azure AD Inventory](/docs/integrations/saas-cloud/microsoft-azure-ad-inventory) <br/>- [Microsoft Defender for Cloud](/docs/integrations/microsoft-azure/microsoft-defender-for-cloud/) <br/>- [Microsoft Dynamics 365](/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights/) <br/>- [Microsoft Exchange Trace Logs](/docs/integrations/saas-cloud/microsoft-exchange-trace-logs/) <br/>- [Microsoft Graph Azure AD Reporting](/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting/) <br/>- [Microsoft Graph Identity Protection](/docs/integrations/microsoft-azure/microsoft-graph-identity-protection/) <br/>- [Microsoft Graph Security V1](/docs/integrations/saas-cloud/microsoft-graph-security-v1/) <br/>- [Microsoft Graph Security V2](/docs/integrations/saas-cloud/microsoft-graph-security-v2/) <br/>- [Microsoft Office 365](/docs/integrations/microsoft-azure/office-365/) <br/>- [Microsoft SQL Server](/docs/integrations/microsoft-azure/sql-server/) <br/>- [Microsoft SQL Server - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry) <br/>- [Microsoft SQL Server for Linux - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry) <br/>- [Microsoft Teams](/docs/integrations/microsoft-azure/teams/)<br/>Automation integrations: <br/>- [Active Directory](/docs/platform-services/automation-service/app-central/integrations/active-directory/)<br/>- [Active Directory v2](/docs/platform-services/automation-service/app-central/integrations/active-directory-v2/) <br/>- [Microsoft 365 Defender](/docs/platform-services/automation-service/app-central/integrations/microsoft-365-defender/) <br/>- [Microsoft Azure Log 
Analytics](/docs/platform-services/automation-service/app-central/integrations/microsoft-azure-log-analytics/) <br/>- [Microsoft Azure Security Center](/docs/platform-services/automation-service/app-central/integrations/microsoft-azure-security-center/) <br/>- [Microsoft Defender ATP](/docs/platform-services/automation-service/app-central/integrations/microsoft-defender-atp/) <br/>- [Microsoft EWS](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews/) <br/>- [Microsoft EWS Daemon](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews-daemon/) <br/>- [Microsoft EWS Extension](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews-extension/) <br/>- [Microsoft Graph Security](/docs/platform-services/automation-service/app-central/integrations/microsoft-graph-security/)<br/>- [Microsoft OneDrive](/docs/platform-services/automation-service/app-central/integrations/microsoft-onedrive/) <br/>- [Microsoft Sharepoint](/docs/platform-services/automation-service/app-central/integrations/microsoft-sharepoint/) <br/>- [Microsoft Sentinel](/docs/platform-services/automation-service/app-central/integrations/microsoft-sentinel/) <br/>- [MSSQL](/docs/platform-services/automation-service/app-central/integrations/mssql/) <br/>- [Microsoft Teams](/docs/platform-services/automation-service/app-central/integrations/microsoft-teams/) <br/>Cloud SIEM integration: [Microsoft](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2b002817-fd14-49b3-a3fe-c9761275b931.md) <br/>Collectors: <br/>- [Active Directory JSON - Classic Collector](/docs/integrations/microsoft-azure/active-directory-json/) <br/>- [Active Directory JSON - OpenTelemetry Collector](/docs/integrations/microsoft-azure/opentelemetry/active-directory-json-opentelemetry/) <br/>- [Microsoft 365 Audit (Office 365 Audit) - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/microsoft-audit-office/) <br/>- 
[Microsoft Azure AD Inventory Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source/) <br/>- [Microsoft Exchange Trace Logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-exchange-trace-logs/) <br/>- [Microsoft Office 365 Audit Source](/docs/send-data/hosted-collectors/microsoft-source/ms-office-audit-source/) <br/>- [Microsoft Graph Azure AD Reporting Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-azure-ad-reporting-source/) <br/>- [Microsoft Graph Identity Protection Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-identity-protection-source/) <br/>- [Microsoft Graph Security API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source/) <br/>- [Windows Active Directory Inventory Source](/docs/send-data/installed-collectors/sources/windows-active-directory-inventory-source/) <br/>Community app: [Sumo Logic Microsoft Defender for EndPoint](https://github.com/SumoLogic/sumologic-content/tree/master/Microsoft/Defender_4_EndPoint) <br/>Webhook: [Webhook Connection for Microsoft Teams](/docs/alerts/webhook-connections/microsoft-teams/) |
2929
| <img src={useBaseUrl('img/integrations/saas-cloud/mimecast-logo.png')} alt="Thumbnail icon" width="50"/> | [Mimecast](https://www.mimecast.com/) | App: [Mimecast](/docs/integrations/saas-cloud/mimecast/) <br/>Automation integration: [Mimecast](/docs/platform-services/automation-service/app-central/integrations/mimecast/) <br/>Cloud SIEM integration: [Mimecast](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/7BC43DFE-C5DD-4766-88E7-C163D82BBBF8.md) <br/>Collector: [Mimecast Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/mimecast-source/) <br/>Partner integration: [Mimecast app for Sumo Logic](https://github.com/SumoLogic/sumologic-public-partner-apps/tree/master/Mimecast) |
3030
| <img src={useBaseUrl('img/send-data/Miro-logo.png')} alt="Thumbnail icon" width="50"/> | [Miro](https://miro.com/) | App: [Miro](/docs/integrations/saas-cloud/miro/) <br/>Cloud SIEM integration: [Miro](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/9f149da1-2831-465f-8bb1-a5950ccaec0c.md) <br/>Collector: [Miro Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/miro-source/) |
3131
| <img src={useBaseUrl('img/integrations/misc/misp-logo.png')} alt="Thumbnail icon" width="100"/> | [MISP](https://www.misp-project.org/) | Automation integration: [MISP](/docs/platform-services/automation-service/app-central/integrations/misp/)<br/>Community app: [Sumo Logic for MISP](https://github.com/SumoLogic/sumologic-content/tree/master/MISP) |
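
Review bot: In the replaced Microsoft row (line 28), besides adding the Microsoft Defender for Cloud entry the change also inserts a space before the <br/> that follows the Microsoft Azure AD Inventory link, while other entries in the same row (for example "teams/)<br/>Automation integrations" and "active-directory/)<br/>") still have none. Either leave the existing spacing untouched so the diff carries only the new link, or normalise the spacing across the whole row. The new link ends with a trailing slash but the Azure AD Inventory link just before it does not; pick one form for the Apps list.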

sidebars.ts

Lines changed: 1 addition & 0 deletions
@@ -2146,6 +2146,7 @@ integrations: [
21462146
'integrations/microsoft-azure/azure-synapse-analytics',
21472147
'integrations/microsoft-azure/azure-virtual-network',
21482148
'integrations/microsoft-azure/kubernetes',
2149+
'integrations/microsoft-azure/microsoft-defender-for-cloud',
21492150
'integrations/microsoft-azure/microsoft-dynamics365-customer-insights',
21502151
'integrations/microsoft-azure/network-watcher',
21512152
'integrations/microsoft-azure/sql',