Microsoft's Sentinel Security Tool Aims to Bring Intelligent Security Analytics To Your Data
To say that the security vector is expanding for companies that are increasingly making their data available and always connected would be an understatement. Hackers, who include state-sponsored entities, are ramping up their attacks on networks and services, with trends showing that this activity will not be slowing down anytime soon, or possibly ever.
To help protect your environment, Microsoft is announcing two new services today, Sentinel and Microsoft Threat Experts. The company says that Azure Sentinel is the first native SIEM (Security Information and Event Management) within a major cloud platform and states that the product will help you stop threats before they impact your environment.
The goal of Sentinel is to significantly reduce the noise when hunting down intrusions or weaknesses with Microsoft saying that they have seen reductions of up to 90 percent of “alert fatigue” for early adopters of the platform. And because Sentinel is running in Azure, you have the ability to scale up services quickly to scour volumes of data with minimal overhead – the company will let you ingest your Office 365 data into the platform for ‘free’ as well.
If Sentinel only worked with your Office and cloud data, it wouldn’t be all that effective. Most organizations are in a hybrid scenario where they have a variety of vendors. To address this, Sentinel supports open standards such as Common Event Format (CEF) and partner connections, including Microsoft Intelligent Security Association partners such as Check Point, Cisco, F5, Fortinet, Palo Alto, and Symantec, as well as ecosystem partners such as ServiceNow.
The idea is to bring as much data as it can absorb into Sentinel to improve the visibility into your own personal security graph.
To help companies further dive into their security graph, Microsoft is also rolling out Threat Experts, a new service within Windows Defender ATP. Think of Sentinel as the AI security solution from Microsoft and Threat Experts as the human-centric approach to help identify exposures.
With Threat Experts and a few clicks of the mouse, Microsoft can take a look at your anonymized security data for threats such as human adversary intrusions, hands-on-keyboard attacks, and advanced attacks like cyberespionage. Think of it this way: when you need a helping hand, Threat Experts is designed to make it a simple process to bring in outside experts for assistance with your security challenges.
Security will continue to be an evergreen challenge for nearly every company. As our dependency on connected-data continues to grow, so will its value to external threats who know that they can have a quick payday by compromising your platform. Microsoft’s goal is to help provide additional layers of security but remember that at the end of the day, you are only as strong as your weakest link.