Skip to main content

Deployment

This short guide explains how to grant Anagram Cyber secure access to your Microsoft Defender data.
We use Microsoft Entra app registrations and a least privilege permission model.

Permissions model

  • Access is via an Application registration (app-only model).
  • The app is granted only the minimum Microsoft Graph Security API permissions required for monitoring:
    • SecurityEvents.Read.All
  • Write or remediation permissions are not requested.
  • You (the customer) control which permissions are consented to in your tenant.

Register & authorize the Anagram Cyber app

  1. Sign in to the Microsoft Entra admin center with Global Administrator (or Security Administrator) rights.

  2. Go to App registrations → New registration.

  3. Enter a name, e.g. AnagramCyber-Integration.

  4. Choose Accounts in this organizational directory only (Single tenant).

  5. Leave Redirect URI blank and click Register.

  6. In the new app:

    • Go to Certificates & secrets and create a client secret. Copy the value — you’ll share this with Anagram
    • Go to API permissions → Add a permission → Microsoft Graph → Application permissions.
    • Search for and add SecurityEvents.Read.All
    • Click Grant admin consent for the tenant.

  7. Sav the follow details and submit them via the Anagram Customer Portal

    • Directory (tenant) ID
    • Application (client) ID
    • Client secret value