BlueApp for Microsoft Defender ATP
The AlienApp for Microsoft Defender Advanced Threat Protection (ATP) enables you to leverage your Microsoft Azure logs to prevent, detect, investigate, and respond to advanced threats in your USM Anywhere environment. The BlueApp generates events either by querying the Microsoft Defender for Endpoint APIs or by receiving events from Azure Event Hubs.
This topic discusses these subtopics:
Configuring the BlueApp for Microsoft Defender ATP
BlueApp for Microsoft Defender ATP Actions
Creating Microsoft Defender ATP Response Action Rules