Advanced threat detection and log analysis for Power Platform, Dataverse, and Dynamics 365 to enhance enterprise security operations.
Microsoft has launched the Sentinel Solution for Business Applications. This new offering delivers advanced threat detection and monitoring capabilities across Microsoft Power Platform, Dynamics 365 Customer Engagement, and Finance and Operations environments.
The Microsoft Sentinel solution for Business Applications allows administrators to analyze audit and activity logs to detect potential security threats and suspicious behavior. It provides tools to monitor and protect Power Platform apps from security issues. Additionally, the unified solution helps IT teams secure Dynamics 365 Customer Engagement environments, which store data in Microsoft Dataverse.
Specifically, the solution collects logs and data from various parts of the Power Platform, along with inventory data. It then analyzes this information to detect security issues and unusual behavior, including mass deletion of Power Apps and execution of Power Apps from unauthorized geographies, as well as suspicious and anomalous activities in Microsoft Dataverse.
Microsoft mentioned that finance and operations apps support key business functions and handle sensitive data, yet they are often managed by non-experts and accessed by both internal and external users. This new solution offers three key capabilities to help businesses protect their Dynamics 365 Finance and Operations environments: clear visibility into user activities, detection of suspicious or unauthorized behavior, and support for effective investigation of and response to incidents.
The Microsoft Sentinel solution for Business Apps ships with several data connectors, including Microsoft Power Platform Admin Activity, Microsoft Dataverse (Preview), and Dynamics 365 F&O. It also provides analytics rules that enable businesses to detect threats and suspicious activities within Power Platform and Dynamics 365 Finance and Operations environments.
Finally, SOC analysts can proactively search for hidden threats in business apps using Hunting Queries, and they can use Playbooks to automate security responses for Dynamics and Power Platform. With Workbooks, SOC analysts can turn raw security data into interactive visuals, helping teams quickly spot threats and unusual activity.