Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Sentinel Adds Azure DDoS Protection to Automate Attack Response

Microsoft has released a new Azure DDoS Protection solution for Microsoft Sentinel. The new service leverages Azure DDoS Protection logs to automatically track and block DDoS sources to mitigate sophisticated attacks.

Microsoft Sentinel is a cloud-based security solution that allows security teams to detect and mitigate threats, monitor security events, and analyze data in their environments. It also offers intelligent security analytics to help organizations improve overall security posture. Moreover, Azure DDoS Protection is a security feature that protects against distributed denial of service (DDoS) attacks at the network level.

“Microsoft Sentinel and Azure DDoS Protection services offer rich integration to easily ingest DDoS Protection logs and view and analyze this data in Sentinel to create custom alerts and improve their security posture, investigation, and response processes. Specifically, customers can correlate DDoS smokescreen attacks with events from different sources to detect advanced attacks, such as data theft, and to automatically block them,” Microsoft explained.

Microsoft explained that its new Azure DDoS Protection solution comes with three major components. First up, it includes an Azure DDoS Protection data connector and workbook. Moreover, the solution provides alert rules to help security teams find the source DDoS attackers. There is also a Remediation IP Playbook that lets IT admins automatically create remediation in Azure Firewall for blocking them.

Microsoft Sentinel Adds Azure DDoS Protection to Automate Attack Response

How to get started with Azure DDoS protection

Overall, this release should make it easier for organizations to protect their apps and resources against sophisticated DDoS attacks (such as smokescreen attacks). If you’re interested, you can follow this step-by-step guide to deploy the new solution in your organization.

At launch, Microsoft Sentinel’s new Azure DDoS Protection is available for Azure Firewall and third-party firewall products. However, Microsoft plans to add support for Azure Web Application Firewall later this year.