I'll start:
Rapid7 InsightIDR SIEM is what we use in our environment.
A second forum for Defender development teams to see what SIEM integrations their customers want to see implemented is to submit it in the IBM IDEAS portal.
Following is my IDEA submission for supporting Rapid7; if anyone else uses this SIEM, please vote on this IDEA:
https://ibm-sys-storage.ideas.ibm.com/ideas/SCRDEF-I-74
------------------------------
Randy Frye
Senior Storage Administrator
D&H Distributing
Harrisburg
7173647948
------------------------------
Original Message:
Sent: Tue December 10, 2024 10:10 AM
From: Randy Frye
Subject: Storage Defender SIEM Integrations
Defender product group has futures defined for integration of certain well-known SIEM products with Defender. Support for additional SIEM products are supposed to be rolled out on an ongoing basis. I though it might be helpful to have a thread where Champions can comment what SIEM products they use in their environments, to provide the Defender development teams a better idea of which SIEM product integrations to prioritize.
------------------------------
Randy Frye
Senior Storage Administrator
D&H Distributing
Harrisburg
7173647948
------------------------------