Microsoft is taking enterprise security to a new level with the new cloud-based security information and event management (SIEM) platform called Azure Sentinel.
Using the power of artificial intelligence (AI) and the cloud, Azure Sentinel will provide intelligent security analytics across the entire hybrid organization, from devices and users to apps and servers.
Detecting every threat across the enterprise is a difficult task for an organization's security teams. The focus of these teams is on setting up infrastructure and handling maintenance. In such a scenario, many cyberthreats can go unnoticed. Also, studies suggest that there will be a shortage of cybersecurity professionals in the future.
Microsoft is taking this into consideration and enabling security teams to see every threat more clearly and avoid distractions. SIEM solutions are generally used for logging security data and generating reports for compliance.
However, traditional SIEM solutions demand more time for setup, maintenance, and infrastructure scaling. They are also often expensive to own and operate, because of high upfront costs and the costs incurred for infrastructure maintenance and data ingestion.
Microsoft Azure Sentinel will provide a bird's-eye view across the enterprise and make threat detection and response smarter and faster. By eliminating security infrastructure setup and maintenance, it can scale to meet the security demands of enterprises and reduce IT costs.
Microsoft has built the new solution on Azure to provide cloud scalability. Users won’t have to pay any upfront costs, because it is a pay-per-use solution.
Azure Sentinel is also integrated with Microsoft signals and Azure Monitor, and supports the main log formats, including Common Event Format and syslog. Customers can easily import their data from Office 365 and merge it with other security data for analysis.
Since it uses machine learning algorithms, the scope of cyberthreats and their impacts can be understood. Customers can view the attack and respond to it in the same dashboard.
“While AI sharpens your focus on finding problems, once you have solved the problem you don’t want to keep finding the same problems over and over – rather you want to automate response to these issues,” wrote Eliav Levi, Director of Product Management, Microsoft Azure Sentinel, in a blog post.
“Azure Sentinel provides built-in automation and orchestration with pre-defined or custom playbooks to solve repetitive tasks and to respond to threats quickly.”
Azure Sentinel is currently available in preview in the Azure Portal.