The AlienApp for Microsoft Defender Advanced Threat Protection (ATP) enables you to leverage your Microsoft Azure logs to prevent, detect, investigate, and respond to advanced threats in your AlienVault USM Anywhere environment.
Edition: The AlienApp for Microsoft Defender ATP is available in the Standard and Premium editions of USM Anywhere.
See https://cybersecurity.att.com/pricing for more information about the feature and data support provided by each of the USM Anywhere editions.
Important: Because the AlienApp for Microsoft Defender ATP can only act on events received from Azure, you also need to configure log collection from Azure Event Hubs. See Collect Logs from Azure Event Hubs and follow the process documented on that page to set up Azure log collection.