Azure Sentinel

Azure Sentinel, Microsoft’s Cloud-Native SIEM Solution, Is Now Generally Available

Microsoft announced September 25th on its Security blog that Azure Sentinel has reached general availability. Based on Azure Monitor Log Analytics, Sentinel adds a cloud-native Security Information and Event Management (SIEM) solution to Azure’s already long list of services.

Last Update: Sep 13, 2023

LATEST

Cloud Computing and Security

What is Microsoft Sentinel and How Does It Protect Cloud and On-Premises Resources? 

Last Update: Sep 13, 2023

Microsoft Sentinel, which was previously known as Azure Sentinel, is a Security Information and Event Management (SIEM) solution for Azure and Microsoft 365. Just like other SIEM solutions, it combines Security Information Management (SIM) and Security Event Management (SEM). In this article, we’re going to explain how Microsoft Sentinel works and how this solution can…

Cloud Conversations

Cloud Conversations – Matt Zorich on Azure Sentinel and KQL

Last Update: Mar 15, 2022

Cloud Conversations is a weekly podcast that we’ll be featuring here on Petri. It’s about everything connected to cloud computing, including technologies like Azure, Microsoft 365, Power Platform, Microsoft Endpoint Manager (MEM), Microsoft Defender, Windows, Intune, and much more! Matt Zorich is a Principal…


What’s New with Azure Infrastructure – August 2021 Edition

I think you’ll find that there are quite a few announcements this month. The summer quiet period is over, and we’re into a whole new development/release semester in Microsoft, not to mention the countdown to the usual peak release season for Microsoft Ignite has started – most releases announced at Ignite happen well before Ignite….


Azure Sentinel Gets Fusion AI Early Ransomware Detection in Preview

Earlier this month, the Azure Sentinel and Microsoft Threat Intelligence Center (MSTIC) teams announced the public availability of ‘Fusion detection for ransomware’. Fusion is designed to automatically correlate security alerts that could be related to ransomware. More precisely, Microsoft said the Fusion machine learning model collates alerts detected in a specific timeframe during defense evasion…


What’s New with Azure – June 2021 Edition

July is here and we are halfway through the year. Am I the only one that feels like 2021 is zipping by? I have been working non-stop for the last 6 months preparing for and migrating legacy workloads from a data center to Microsoft Azure and I have barely had time to look up from…


Microsoft Azure Sentinel gets SAP Support, Plus UEBA and Entity Pages Reach GA

Last week Microsoft announced improvements to its cloud-native SIEM product, Azure Sentinel. In an effort to make Sentinel more efficient for Security Operations (SecOps) teams, Microsoft has improved the quality of rules and includes more innate intelligence out-of-the-box. There’s also built-in support for SAP in preview. Plus, other features like UEBA and entity pages, which…


Understanding How Azure Sentinel and Entity Behavior Analytics Deliver Actionable Intelligence

UEBA can identify unusual activity and help SOC teams identify if there is a compromised entity or a malicious insider.


Everything You Need to Know About Azure Infrastructure – October 2020 Edition

October, the first month in Q4 of the calendar year and Q2 of the Microsoft financial year, is also in the middle of planning for the next semester of development of Microsoft Azure (codenamed Cobalt).


Microsoft Brings Integrated SIEM and XDR Tools to Defender and Azure Sentinel

At its Ignite conference in September, Microsoft announced a series of branding changes for Microsoft Defender and new features for Azure Sentinel.
