Identity Security Cloud exports audit and access events to Microsoft Sentinel for unified security analytics
Commons DraftAgent-researchedInteroperabilityProduct to ProductCustom Vendor Integration
Endpoints: Identity Security Cloud audit and access event stream (Policy) + Microsoft Sentinel log ingestion and analytics workspace (SecOps)
Mechanism: SailPoint–Microsoft Sentinel audit and access event export integration
SailPoint Identity Security Cloud integrates with Microsoft Sentinel by exporting identity audit and access-related data into Sentinel so those events can be correlated with other security telemetry in Pillar D, providing a custom vendor integration between Pillar A identity governance and Pillar D security operations.
Linked Evidence
SupportsDraft evidenceAgent-researched
A Microsoft Sentinel integration video explains that SailPoint’s integration moves SailPoint audit and access-related data into Microsoft Sentinel, where it becomes searchable and can be cross-referenced with telemetry from other applications.
SailPoint IdentityNow Integrates with Microsoft Sentinel