Microsoft Azure Sentinel - RSA Ready SecurID Access Implementation Guide
Cloud Administration APIs Use the Cloud Administration Add/Remove High-Risk User List API to add or remove one or more users from a high-risk user list. You can determine authentication and access requirements for users who are identified as high risk. These might be users whose accounts have been compromised, or for whom a third-party security information and event management (SIEM) solution, such as Microsoft Azure Sentinel has detected suspicious activity.
Note: This API is available only for Premium Edition.
The following links provide instructions on how to integrate MicrosoftAzure Sentinel with RSA SecurID Access.
This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and MicrosoftAzure Sentinel components must be installed and working prior to the integration.