KnowBe4 Defend Connector for Microsoft Sentinel

KnowBe4 Defend combines intelligent detection technologies to reduce human activated risk and protect against advanced phishing threats. Emails are inspected using a combination of machine learning, social graph and natural language processing. By learning email behaviour patterns, it detects anomalies that are indicative of sophisticated, payload-less phishing threats that have evaded existing email security solutions.

Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise.

The KnowBe4 Defend Connector for Microsoft Sentinel allows log information from KnowBe4 Defend to be sent to Microsoft Sentinel, enabling organizations to cross-correlate data from multiple sources and enable a holistic view of their security.

Information sent from KnowBe4 Defend to Sentinel provides details of processed emails, including the type of phishing attack, payload type and information to show if the user interacted with the email in a positive (clicking on banners or submitting the phish sample) or negative (clicking on an unsafe URL) manner.