Citrix Analytics for Security

Microsoft Graph Security integration

April 21, 2021

Contributed by:

M R H

Microsoft Graph Security is an external data source that aggregates data from multiple security providers. It also provides access to the user inventory data.

Citrix Analytics currently supports the following security providers from Microsoft Graph Security:

Azure AD identity protection
Microsoft Defender for Endpoint

For more information on the security providers, see the following links:

For Azure AD Identity Protection: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risk-events
For Microsoft Defender for Endpoint: https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/defender-advanced-threat-protection

To onboard the Microsoft Graph Security data source, you need to obtain the required permissions on behalf of a tenant, from the Microsoft identity platform.

Prerequisites

Before you begin onboarding the Microsoft Graph Security data source, ensure that:

The administrator is using the Azure AD Identity Protection (part of the Azure AD Premium P2) security provider.
The end user is signed in to Microsoft Store with Work or School accounts.

Onboarding Microsoft Graph Security instances

Go to Settings > Data Sources > Security and then navigate to the EXTERNAL DATA SOURCES section.
Click the plus (+) sign on the Microsoft Graph Security site card. You get redirected to the authorize endpoint.
On the Microsoft window, sign in using your Azure logon credentials to register an account. Or, select an existing account.
Click Next.
Click Accept. You get redirected to the Data Sources page. The Microsoft Graph Security data source is now linked to your Citrix Cloud account.

Turn on or off data processing

To disable data processing, click the vertical ellipsis (⋮) on the site card and select Turn off data processing. It stops Citrix Analytics from processing data for this data source.

You can turn on data processing again by selecting Turn On Data Processing on the site card.

MSG Onboarding

For information on Microsoft Graph Security risk indicators, see Microsoft Graph Security risk indicators.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Microsoft Graph Security integration

April 21, 2021

Contributed by:

M R H

April 21, 2021

Contributed by:

M R H

Microsoft Graph Security integration

Prerequisites

Onboarding Microsoft Graph Security instances

Turn on or off data processing

In this article