Commvault Cloud for Sentinel
by Commvault
Bring Commvault security signals into Sentinel for faster detection and automated response
Commvault Cloud for Microsoft Sentinel helps organizations gain real-time, automated cyber resilience that strengthens security and accelerates recovery. Automated security event ingestion helps enable centralized threat detection, incident response, and compliance monitoring for your data protection infrastructure.
Key Features
• Collect security-relevant events such as anomalies and cyber threats (by default), as documented in the Threat Indicators Dashboard. Refer to the detailed documentation for more information.
• Help eliminate security blind spots and reduce manual monitoring overhead in data protection environments with real-time threat detection, incident analysis, and orchestrated response actions.
How it Works
• Generate access and refresh tokens in Commvault Cloud with admin privileges.
• Create an Azure Key Vault with the required secrets (access-token, refresh-token, environment-endpoint-url).
• Deploy the connector: install it from the Sentinel Content Hub and configure the Function App parameters.
• Configure permissions and grant Function App access to Key Vault (Access Policies or RBAC).
For detailed configuration steps, prerequisites, and automation setup, visit: https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Commvault%20Security%20IQ.