Customer is a leading Threat Intelligence solution provider.
They provide a platform for companies to aggregate and act upon Threat Intelligence.
Customer requested for the integration of their product with the Office 365
- Sacumen developed the Connector app that reads the Microsoft Office 365 Audit logs for Azure Active Directory, Exchange, SharePoint, and General logs
- The Connector makes GET REST API calls to the Office 365 Management APIs to retrieve the various content blobs for multiple subscriptions associated with multiple tenants
- Connectors will then parse events and write it into the LEEF format
- API Test Methods and Selenium automation scripts were written for events generation