Articles in this section

See more

Integrate Defender

Avatar
Tom Gibson
  • Updated
Follow

Integrating Microsoft Defender with requires the following Microsoft Entra ID information:

  • Tenant ID (the existing Directory ID for the Entra customer).

  • Application ID (a configured application Client ID for the Entra customer).

  • Client Secret (a configured authentication for content sharing between OneSite Patch and Entra).

Create a Microsoft Entra Application

To integrate Microsoft Defender with , begin with registering an application with Microsoft Entra ID and creating a service principle.

  1. Sign in to your entra.microsoft.com account as an administrator.

  2. Browse to Identity > Applications > App registrations, and then select New registration.

    OSP-Defender-Entra-appreg.png

  3. Enter the following details into the form:

    OSP-Defender-Entra-appregform.png

    1. Enter a Name that identifies the Adaptiva integration.

    2. Select Accounts in this organization directory only under Supported account types.

    3. Skip both Redirect URI and Service Tree ID. If you must enter something for the Redirect URI, select Web.

  4. Select Register to create the application.

  5. Add the necessary permissions.

Add Permissions to an Entra Application

After creating the new Entra application, use the following steps to add the Vulnerability.Read.All permission from Add registrations. Make sure you are logged in as an administrator.

  1. Access the API Permissions workspace from the App registrations page:

    OSP-Defender-Entra-openNewApp.png

    1. Select the Name of the newly created application on the App registrations page. This opens the application and a new list of menu options.

    2. Select API permissions on the left navigation menu, and then click Add a Permission.

      OSP-Defender-Entra-addpermission.png

      This opens the Request API Permissions workspace.

      OSP-Defender-Entra-APIpermissionsUsed.png

  2. Select APIs my organization uses, and then locate WindowsDefenderATP in the list.

  3. Select WIndowsDefenderATP , and then select Application permissions.

    OSP-Defender-Entra-APIpermsChooseVul.png

  4. Scroll down to and expand Vulnerability, and then select Vulnerability Read All.

  5. Select Add Permissions. If prompted, follow the required steps to provide administrator consent to make the change.

  6. Create a Client Secret ID for the application.

Create a Shared Secret ID

After creating an application and adding permissions, use the following steps to create a shared secret ID. The secret ID enables authentication between OneSite Patch and Windows Defender for the application you created.

  1. Select Certificates & secrets on the Manage menu for the open application.

    OSP-Defender-Entra-CertsSecrets.png

  2. Select Client secrets.

    OSP-Defender-Entra-CreateSecretID.png

  3. Select + New client secret. This opens the Add a client secret dialog:

    OSP-Defender-Entra-AddSecrets.png

    1. Enter a Description of the secret.

    2. Select an Expires timeline.

    3. Select Add to save your changes and return to the Certificates & secrets workspace.

      OSP-Defender-Entra-ExampleSecret.png

  4. Copy and save the Value and Secret ID information.

    Important

    The system does not save this information when you leave this window. Be sure to record these numbers and save them to an accessible location for later use.

  5. Gather the integration details you have created.

Locate and Record the Microsoft Entra IDs

  1. Sign in to your entra.microsoft.com account as an administrator.

  2. From the Home page, navigate to Applications > App Registrations, and then open the application you created for integration.

    OSP-Defender-Entra-openNewApp.png

  3. Select Overview on the left navigation of the application workspace, and then expand the Essentials section.

    OSP-Defender-Entra-findIDs.png

  4. Record the following identification information:

    • Client ID

    • Tenant ID (Directory (tenant) ID)

    • Secret ID

  5. Complete the integration with Adaptiva OneSite Patch.

Integrate Defender with OneSite Patch

  1. Select Windows Defender Endpoint on the left navigation menu of the OneSite Patch dashboard.

    OSP-Defender-Entra-OSPmenu.png

    This opens the Defender Access Settings workspace.

    OSP-Defender-Entra-accessSettings.png

  2. Enter the ID information gathered from Microsoft Entra, and then click Save on the upper left.

    OSP-Defender-Entra-accessSettingsbluesave.png

Administrators and Roles

View, create, or modify Administrators and Roles. Changes made here effect all licensed OneSite products.

After integrating Defender with OneSite Patch you can view your list of Defender users and their assigned roles for your integrated hosts. To make any changes to Administrators or Roles, you must use the Defender product.

Access Security Settings

  1. Select OS-AP-GearIcon.png on the upper right of the Admin Portal dashboard.

  2. Select Settings > Security > Administrator to open the Settings page with the Administrators tab selected. To open to a different tab, select a different item from the final menu.

  3. Select Show All to view existing administrators.

    OS-AP-AdminFolders.png

View Administrators

  1. Select an Administrators folder from the Administrators tab of Security Settings.

    OS-AP-AdminFolders.png

  2. Select Show All to list all Administrators in the selected folder.

    To make any changes to Administrators, you must use the Defender product.

View Roles

  1. Select a Roles folder from the Roles tab of Access Security Settings.

    OS-AP-RoleFoldersSelect.png

  2. Select Show All to list all Roles in the selected folder.

    To make any changes to Roles, you must use the Defender product.

Related articles

Comments

0 comments

Article is closed for comments.