Scribd
Upload
936 views

Microsoft Teams Integration With SentinelOne

This document provides instructions for configuring the Microsoft Teams application from the Singularity Marketplace to send alerts from SentinelOne to a Microsoft Teams channel. It describes prerequisites for setting up a Microsoft Teams account and webhook, and steps for installing the app, selecting trigger options and permissions.

Uploaded by

punzango73
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
936 views

Microsoft Teams Integration With SentinelOne

This document provides instructions for configuring the Microsoft Teams application from the Singularity Marketplace to send alerts from SentinelOne to a Microsoft Teams channel. It describes prerequisites for setting up a Microsoft Teams account and webhook, and steps for installing the app, selecting trigger options and permissions.

Uploaded by

punzango73
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Microsoft Teams

Supported from Management version: Version S

This feature requires SKU: Singularity™ Complete

When SentinelOne detects a threat, the Microsoft Teams application from Singularity™
Marketplace sends a message with an alert to your Microsoft Teams account. This integration helps
you quickly pivot to your SentinelOne Management Console for immediate investigation and
mitigation of detections.

Prerequisites

1. Register a Microsoft Teams account to configure a channel Incoming Webhook.

2. Generate and copy the Incoming Webhook URL to configure the Microsoft
Teams application in Singularity™ Marketplace.

3. To get the Incoming Webhook URL:

a. In the Microsoft Teams channel, click Connectors.

b. Search Incoming Webhook and click Add.

c. Enter the fields:

 Name for the Incoming Webhook. Then, click Create.

 Optional: Click Upload Image > Create to customize the image or


use the Default Image assigned to the Incoming Webhook.

d. Copy the generated URL.

e. To complete the Incoming Webhook configuration, click Done.

To Install the App from Singularity™ Marketplace:

1. Log in to your SentinelOne Management Console.


2. At the top right of the Console, click Singularity Marketplace.

3. Search for Microsoft Teams, then click Authorize & Install.

4. If applicable, Select run app in Simulation Mode (if checked, will ignore all other
options).

5. Select options for triggering:

 All threats.

 Malicious threats only.

 Suspicious threats only.

6. Enter the Webhook URL.

7. Enter the Teams Channel Name. This name will show in the Notes section of the threat
overview in your SentinelOne Management Console.

8. If applicable enable:

 Send channel message with threat details.

 Send channel message when a user is deleted from SentinelOne.

 All actions available as manual actions.

9. Click Next.

10. Select the required Access Level.

11. Click Save and add another or Install to complete the configuration. When the app is
installed, the status will show as Active.

You might also like