Introduction
This guide streamlines the integration of vSEC:CMS with Microsoft Sentinel, enabling centralized visibility and enhanced security for credential lifecycles via vSEC:CMS REST API.
Step 1 Setup vSEC:CMS REST API
Follow the instructions here to setup connection with vSEC:CMS REST API.
For Microsoft Sentinel to connect, the certificate used for the SSL/TLS must be issued by a publicly trusted CA (Certificate Authority).
Step 2 Generate API Authentication Token
From the vSEC:CMS REST API connector click the Authentication Tickets button.
Click Add and give the ticket a name, e.g. Sentinel Connector.
Click Enable checkbox.
Click Generate Ticket.
Copy the generated token immediately. It will not be displayed again.
Step 3 Public Accessibility & Security Requirements
Since Microsoft Sentinel is a cloud service, vSEC:CMS REST endpoint must be reachable from the internet.
You will need to create a DNS record (e.g., cms.yourdomain.com) pointing to your gateway.
Open the specified port (e.g., 8443) to allow traffic from Sentinel's IP ranges.
The connection must be encrypted. Therefore, use a certificate from a trusted provider.
Step 4 Add Versasec CMS to Sentinel
It is expected that you have experience and expertise in managing applications with Microsoft Sentinel for the completion of the next steps.
Log onto Microsoft Azure Portal and navigate to Microsoft Sentinel. From the Content Hub search for vSEC:CMS Sentinel and select Install.
Then from the workspace configuration page enter the Management URL, the API Base Path and the API Token generated in step 2. Click the Connect button to connect to your vSEC:CMS system.
Once the connection is complete you should see entries in your Sentinel workspace.