Merge pull request #9142 from Azure/v-atulyadav/mdo365

Repackage Microsoft Defender for Office 365
Azure · Oct 5, 2023 · 7c19c25 · 7c19c25
2 parents 572f612 + 354f9a7
commit 7c19c25
Show file tree

Hide file tree

Showing 7 changed files with 877 additions and 87 deletions.
diff --git a/Solutions/Microsoft Defender for Office 365/Data/Solution_MicrosoftDefenderforOffice365.json b/Solutions/Microsoft Defender for Office 365/Data/Solution_MicrosoftDefenderforOffice365.json
@@ -14,11 +14,12 @@
     "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-BlockMalwareFileExtension/azuredeploy.json",
     "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-BlockSender/azuredeploy.json",
     "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-BlockSender-EntityTrigger/azuredeploy.json",
-    "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-BlockSpamDomain/azuredeploy.json"
+    "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-BlockSpamDomain/azuredeploy.json",
+    "Solutions/Microsoft Defender for Office 365/Playbooks/O365DefenderPlaybooks/o365-DeleteMaliciousInboxRule/azuredeploy.json"
   ],
-  "BasePath": "C:\\GitHub\\Azure-Sentinel",
-  "Version": "3.0.0",
+  "BasePath": "C:\\GitHub\\Azure-Sentinel\\",
+  "Version": "3.0.1",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
-  "Is1PConnector": true
+  "Is1PConnector": true 
 }
diff --git a/Solutions/Microsoft Defender for Office 365/Data/system_generated_metadata.json b/Solutions/Microsoft Defender for Office 365/Data/system_generated_metadata.json
@@ -0,0 +1,38 @@
+{
+  "Name": "Microsoft Defender for Office 365",
+  "Author": "Microsoft - support@microsoft.com",
+  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/office365_logo.svg\"width=\"75px\" height=\"75px\">",
+  "Description": "The [Microsoft Defender for Office 365](https://www.microsoft.com/security/business/threat-protection/office-365-defender) solution for Microsoft Sentinel enables you to ingest security alerts from the Defender for Office 365 platform, providing visibility into threats within email messages, links (URLs) and collaboration tools.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution  is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)",
+  "BasePath": "C:\\GitHub\\Azure-Sentinel\\",
+  "Version": "3.0.1",
+  "Metadata": "SolutionMetadata.json",
+  "TemplateSpec": true,
+  "Is1PConnector": true,
+  "publisherId": "azuresentinel",
+  "offerId": "azure-sentinel-solution-microsoftdefenderforo365",
+  "providers": [
+    "Microsoft"
+  ],
+  "categories": {
+    "domains": [
+      "Security - Threat Protection"
+    ]
+  },
+  "firstPublishDate": "2022-05-17",
+  "support": {
+    "tier": "Microsoft",
+    "name": "Microsoft Corporation",
+    "email": "support@microsoft.com",
+    "link": "https://support.microsoft.com/"
+  },
+  "Data Connectors": "[\n  \"template_OfficeATP.json\"\n]",
+  "Playbooks": [
+    "Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/azuredeploy.json",
+    "Playbooks/O365DefenderPlaybooks/o365-BlockMalwareFileExtension/azuredeploy.json",
+    "Playbooks/O365DefenderPlaybooks/o365-BlockSender-EntityTrigger/azuredeploy.json",
+    "Playbooks/O365DefenderPlaybooks/o365-BlockSender/azuredeploy.json",
+    "Playbooks/O365DefenderPlaybooks/o365-BlockSpamDomain/azuredeploy.json",
+    "Playbooks/O365DefenderPlaybooks/o365-DeleteMaliciousInboxRule/azuredeploy.json"
+  ],
+  "Workbooks": "[\n  \"MicrosoftDefenderForOffice365.json\"\n]"
+}
diff --git a/Solutions/Microsoft Defender for Office 365/Package/3.0.1.zip b/Solutions/Microsoft Defender for Office 365/Package/3.0.1.zip
diff --git a/Solutions/Microsoft Defender for Office 365/Package/createUiDefinition.json b/Solutions/Microsoft Defender for Office 365/Package/createUiDefinition.json
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/Azure_Sentinel.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Microsoft%20Defender%20for%20Office%20365/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution.\n\nThe [Microsoft Defender for Office 365](https://www.microsoft.com/security/business/threat-protection/office-365-defender) solution for Microsoft Sentinel enables you to ingest security alerts from the Defender for Office 365 platform, providing visibility into threats within email messages, links (URLs) and collaboration tools.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution  is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Microsoft Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)\n\n**Data Connectors:** 1, **Workbooks:** 1, **Function Apps:** 1, **Playbooks:** 4\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/office365_logo.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Microsoft%20Defender%20for%20Office%20365/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution.\n\nThe [Microsoft Defender for Office 365](https://www.microsoft.com/security/business/threat-protection/office-365-defender) solution for Microsoft Sentinel enables you to ingest security alerts from the Defender for Office 365 platform, providing visibility into threats within email messages, links (URLs) and collaboration tools.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution  is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Microsoft Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)\n\n**Data Connectors:** 1, **Workbooks:** 1, **Function Apps:** 1, **Playbooks:** 5\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",