Rediger

Del via

Quest Security Guardian

  • Artikel

Important

Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Quest Security Guardian is an Active Directory security tool designed to reduce your attack surface. From a simplified unified workspace, Security Guardian reduces alert fatigue by prioritizing your most exploitable vulnerabilities and Active Directory configurations that demand attention. The solution spotlights what happened if you’re exposed and how to fix the problem.

The Security Guardian Plugin exposes all of Security Guardian's threat indicators, findings, and alerts to Microsoft Security Copilot. This allows all the data to be combined with other security findings (increasing signal strength) and ultimately acted on by Security Analysts to identify and fix vulnerabilities faster.

Note

This article contains information about third-party plugins. This is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.

Know before you begin

You'll need to take the following steps before using the plugin.

  1. Sign in to Microsoft Security Copilot.

  2. Access Manage Plugins by selecting the Plugin button from the prompt bar.

  3. Next to Quest Security Guardian, select the toggle to enable it.

    Provide the following information:

    • Tenant Id: The ID of the Microsoft Entra ID Organization that the Microsoft Sentinel workspace is in.
    • Subscription Id: The ID of the Azure Subscription that the Microsoft Sentinel workspace is in.
    • Resource Group Name: The name of the Resource Group that the Microsoft Sentinel workspace is in.
    • Workspace Name: The name of the Microsoft Sentinel workspace.

  4. Save your changes.

Sample Quest Security Guardian prompts

After the Quest Security Guardian plugin is configured, you can use it to:

  • Access the plugin capabilities by selecting the Plugin button from the prompt bar and selecting Quest Security Guardian.
  • Prompt Security Copilot using any of the following example prompts.

Example prompts:

  • Generate a report using Security Guardian and summarize the top 5 trends the indicators show and then summarize how these impact our company and suggest a couple of ways to resolve or mitigate them.

Troubleshoot the Quest Security Guardian plugin

Errors occur

If you encounter errors, such as Couldn't complete your request, or An unknown error occurred. Make sure the plugin is turned on. This error may occur if the lookback period is too long, causing the query to attempt to retrieve an excessive amount of data. If the issue persists, sign out of Security Copilot, and then sign back in.

Prompts aren't invoking the correct capabilities

If prompts aren't invoking the correct capabilities, or prompts are invoking some other capability set, you might have custom plugins or other plugins that have similar functionality as the capability set you want to use.

Provide feedback

To provide feedback, contact Quest Security Guardian.

See also

Other plugins for Microsoft Security Copilot Manage plugins in Microsoft Security Copilot