Skip to main content

Microsoft Defender for Endpoint proof types and permissions

Note

Hyperproof connects to many third-party systems that frequently change, including the system interface. Contact your System Administrator or the third-party provider for assistance in meeting the requirements to integrate with Hyperproof and collect the proof you need.

Hyperproof supports collecting information directly from Microsoft Defender for Endpoint.

When you create a Hypersync for Microsoft Defender on controls or labels, you can automatically collect the following proof:

Requirements

To connect to Microsoft Defender and collect proof your Microsoft Defender configuration must meet the following requirements:

  • Vulnerability.Read permission for Microsoft Defender for Endpoint

Additional documentation

Note

You only need to connect Hyperproof to the app once, and then you can create as many Hypersyncs as you need.

Additionally, you can create multiple Hypersyncs for a single control or label.

Granting tenant-wide access

If your organization has Admin consent requests turned off, Hyperproof users cannot request access to the Hypersync. An Azure admin needs to turn on this option so users can send requests. The admin can designate a reviewer or reviewers to approve the requests.

Note

This only applies to organizations that have the Admin consent requests option turned off.

  1. Log in to the Azure portal.

  2. Search for Enterprise Applications.

  3. Select the Consent and permissions tab.

  4. From the left menu, click Admin consent settings.

  5. Below Admin consent requests, click Yes.

  6. Add at least one user as a reviewer of these requests.

  7. Optionally, click Yes if you want the reviewer to receive email notifications for requests.

  8. Optionally, click Yes if you want the reviewer to receive request expiration reminders.

  9. Click Save.

    Users can now send requests to the reviewer(s).

The reviewer(s) can follow the steps below whenever they receive a request.

  1. Log in to the Azure portal.

  2. Search for Enterprise Applications.

  3. From the left menu, click Admin consent settings.

  4. From the My Pending tab, click the Azure Proof Collector link.

  5. Review the request to ensure it has been requested by an account you recognize.

  6. From the Review permissions and consent tab, you’ll be prompted to log in to Hyperproof.

  7. Review the permissions, and then click Accept.

All users in the Azure tenant can now use the Microsoft Defender for Endpoint Hypersync.

In this section: