Integrate your Microsoft Entra Account with MDR
You can integrate your Microsoft Entra account with MDR so any threats and behavioral anomalies are detected. Once integrated, our SOC team analyzes data logs from your Microsoft Entra account for malware activity and other anomalies.
You have to first register an application in Microsoft Entra ID and then configure MDR to collect data.
Configuration Steps
- Sign in to the Azure Portal.
- Navigate to Microsoft Entra ID.
- In the left pane, select App Registrations.
- Click New Registration.
- Provide a Name, choose the account type, and click Register.
After registration:
- Go to the newly created App.
- Under Overview, copy the following: <
- Application (Client) ID
- Directory (Tenant) ID
- Inside the App Registration, open Certificates & Secrets.
- Under Client Secrets, click New Client Secret.
- Add a description and set an expiry period.
- Click Add<> and copy the Secret Value<> (visible only once).
- In the App Registration, go to API Permissions.
- Click Add a permission.
- Select the required Microsoft Graph/API permissions.
- If the API requires elevated access, click Grant admin consent.
- Log into your Xcitium account and open MDR.
- Click 'Managed Security' in the top navigation, then select the 'Integrations' tab.
- Scroll down to 'Integrate your Microsoft Entra account' and fill in the following fields:
- Tenant ID
- Client ID
- Secret Key
- Click 'Register Your Account'.
That's it, your Microsoft Entra account is integrated with MDR. Contact your Xcitium account manager for support if you have any trouble integrating your cloud account with MDR.