Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt

Use this file to discover all available pages before exploring further.

The AlienApp for Microsoft Defender Advanced Threat Protection (ATP) enables you to leverage your Microsoft Azure logs to prevent, detect, investigate, and respond to advanced threats in your USM Anywhere environment. The BlueApp generates events by querying the Microsoft Defender for Endpoint APIs or receiving events from the Azure Event Hubs.
Edition: The BlueApp for Microsoft Defender ATP is available in the Standard and Premium editions of USM Anywhere.See the Affordable pricing to fit every budget page for more information about the features and support provided by each of the USM Anywhere editions.
This topic discusses these subtopics: Configuring the BlueApp for Microsoft Defender ATP BlueApp for Microsoft Defender ATP Actions Creating Microsoft Defender ATP Response Action Rules