INtegration

Integration for Microsoft Defender for Endpoints

When EDR and XDR tools raise alerts, you can use automated workflows in Blink to quickly gather info on IOCs, quarantine devices, and notify the relevant team members.

Automating Microsoft Defender for Endpoints Workflows with Blink

Blink supports 10 out-of-the-box actions for Microsoft Defender for Endpoints so it’s easy to respond to malware alerts with smart, automated workflows.

Microsoft Defender for Endpoints helps organizations protect devices by monitoring for viruses and malware. With automated workflows in Blink, security teams can streamline their process for investigating and responding to these emerging threats. When isolating devices and aggregating information about IOCs is seamless, security teams can mitigate organizational risk fast.

View the Docs

Blink Workflow: On a New Alert from Microsoft Defender for Endpoints, Create a ServiceNow Ticket, and Isolate the Device

Blink Copilot: Search IOCs Across Devices with Microsoft Defender for Endpoints

Automated Workflows for
Microsoft Defender for Endpoints

In the Blink library, we have compiled 8,000 automations that customers can download and run instantly. These automations include workflows for cloud security, compliance, identity & access management, network security, SOC & incident response, and threat hunting.

Use Cases

Incident Response & SOC