Latest Version 1.1.2
August 7, 2025
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Microsoft 365 Defender Threat Vulnerability Add-on for Splunk
Vulnerabilities are flaws in a computer system that weakens the overall security of the device or system. And in both small and large organizations it can be quite daunting to keep all devices patched against all vulnerabilities at all times.
Built by
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0
CIM Version: 6.x, 5.x
Rating
0
(0)
Log in to rate this app
Support
Developer Supported addon
Ranking
#7
in Vulnerability Scanner
Vulnerabilities are flaws in a computer system that weakens the overall security of the device or system.
And in both small and large organizations it can be quite daunting to keep all devices patched against all vulnerabilities at all times.
This is also troublesome for managers, who need to give compliance reports regarding their systems.
By utilizing MS Defender Vulnerability framework it is much easier to give a clear answer regarding how well patched your devices are.
Import the Defender data to Splunk and give your organization a boost in both threat insights and security analytics.
The app comes packaged with one example dashboard to give you an idea of how to use the data.
It also CIM normalizes the data into the Vulnerability data model, and holds reports that generates ES ready asset lookups for you.
Check out the README for more details.
Categories
Security, Fraud & Compliance, Vulnerability Scanner
Created By
Thomas Hillesøy
Type
addon
Downloads
1,061
Licensing
MIT License(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing