Pull Secure Score posture findings and Defender alerts.
Source connector — pulls identity and access data from Microsoft Defender into ComplianceScout where it is scored against your compliance frameworks and violation rules.
After a successful sync, the following data is available in your ComplianceScout dashboard for violation detection and reporting.
These fields are collected when you add the connector in the ComplianceScout dashboard. Secrets are encrypted at rest using AES-256-GCM and are never logged.
| Field | Type | Required | Notes |
|---|---|---|---|
| Tenant ID | Text | Required | — |
| Client ID | Text | Required | — |
| Client secret | Secret | Required | App needs SecurityEvents.Read.All admin-consented in Entra ID. |
Follow these steps to gather the credentials above and connect Microsoft Defender to ComplianceScout.
In the Azure Portal, create a new App registration under Microsoft Entra ID → App registrations → New registration.
Go to API permissions → Add a permission → Microsoft Graph → Application permissions and add SecurityEvents.Read.All. Click Grant admin consent.
Go to Certificates & secrets → New client secret, copy the value.
Copy the Application (client) ID and Directory (tenant) ID from the Overview page.
In ComplianceScout, go to Data & Secrets → Integrations → Add Connector → Microsoft Defender and enter the credentials.
Start a free trial — your tenant is provisioned instantly and you can wire up this integration from the connectors page.