Microsoft Defender for Endpoint Integration Guide

Microsoft Defender for Endpoint Integration Guide:

To integrate Microsoft Defender EPP with Timus, you need the following Microsoft products:

  • Microsoft 365 Business Premium: This includes advanced security and device management capabilities.

  • Azure Active Directory: For identity and access management.

  • Microsoft Defender for Endpoint: Provides the necessary security features for endpoint protection.

Defender Endpoint Protection must be up and running on the devices you want to sync. Please checkout following link to deploy Defender to your devices.

https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-worldwide

Click on the “New Registration” and register a new application.

  • After doing that you will get your Client and Tenant ID’s.,

  • To get client secret value, you will need to click on the “Certificates & secrets” button. And create a new client secret.

  • Note: This secret is shown once it is created. Please note it carefully.

  • After noting down Client Secret, Tenant ID and Client ID, you need to give following permissions on Entra ID. To do that please navigate to “API Permissions” and click on the “Add a permission” button.

  • Move on to the “APIs my organization uses” tab and search for “WindowsDefenderATP” and click on it.

  • Select “Application permissions”. Navigate to “Machine” and give “Machine.Read.All” permission.

  • Grant admin consent for the application.

Last updated