Netskope Help

Microsoft Defender Plugin for Threat Exchange

This document provides instructions to configure the Microsoft Defender ATP integration with the Threat Exchange module of the Netskope Cloud Exchange platform. This integration allows for sharing of file hashes with Netskope.


To complete this configuration, you need:

  • A Netskope Tenant (or multiple, for example, production and development/test instances)

  • A Secure Web Gateway subscription for URL sharing

  • A Netskope Cloud Exchange with Threat Exchange configured

  • A Microsoft Defender Account.

  1. Create a custom File Profile.

  2. Get the Netskope token.

  3. Get the Microsoft Defender credentials.

  4. Configure the Threat Exchange Plugin.

  5. Configure the Microsoft Defender Plugin.

  6. Configure sharing between Netskope and Microsoft Defender.

  7. Validate the Microsoft Defender Plugin.

Click play to watch a video.