Microsoft Intune

Version: Microsoft Intune.

Microsoft Intune is a cloud-based service that aims to provide unified endpoint management. It focuses on controlling both organization and personally owned mobile devices and mobile applications to protect corporate data. This service also configures specific policies to manage applications.

Netsurion Open XDR facilitates monitoring events from the Microsoft Intune. Dashboard and reports in Netsurion Open XDR benefit you to track user activities, configurational changes, and device data to detect compliance, managed, and registered devices in Microsoft Intune. In this way, you will be able to recognize the device’s criticality and take the necessary measure.

Netsurion Data Source Integration for Microsoft Intune allows you to monitor the following components:

  • Security – It provides information related to the user activities to track Intune actions and the device particulars like compliance, registered, and managed device details to get more visibility on device criticality.

After the Microsoft Intune is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type Name Description
Security Microsoft Intune – Configuration modified This alert indicates the activity performed on Intune configuration or the user activity when configuring the devices in Microsoft Intune.
Security Microsoft Intune – Failed audit action This alert indicates a failed action detected in Microsoft Intune.
Security Microsoft Intune – Non-compliance/un-registered/un-managed device detected This alert detects non-compliance, unregistered, and unmanaged devices in Microsoft Intune.

Reports

Type Name Description
Security Microsoft Intune – Audit activities This report provides a detailed summary of audit activities in Microsoft Intune. It includes the source IP address, operation name, operation type, result, correlation ID, and more.
Security Microsoft Intune – Device details This report provides a detailed summary of onboarded devices in Microsoft Intune. It includes the compliance state, managed state, device name, tenant Id, username, owner type, MAC address, IMEI, and more.

Documentation

The configuration details are consistent with Netsurion Open XDR 9.3 or later, and Microsoft Intune.

Download Integration Guide and How-to Guide for configuration instructions and more information.