![]() “You can visualize the attack and take quick actions in the same dashboard.” “Graphical and AI-based investigation will reduce the time it takes to understand the full scope of an attack and its impact,” wrote Levi. This helps reduce noise drastically, in fact we have seen an overall reduction of up to 90 percent in alert fatigue during evaluations.”Īzure Sentinel can also connect to user activity and behavior data from Microsoft 365 security products, which can be combined with other sources to provide visibility into an entire attack sequence against business users, he added. “For example, you can quickly see a compromised account that was used to deploy ransomware in a cloud application. “Machine learning technologies will help you quickly get value from large amounts of security data you are ingesting and connect the dots for you,” he wrote. “Azure Sentinel uses Azure Monitor which is built on a proven and scalable log analytics database that ingests more than 10 petabytes every day and provides a very fast query engine that can sort through millions of records in seconds,” wrote Levi.Īlso used by Azure Sentinel to analyze business data in new ways are artificial intelligence capabilities fueled by scalable machine learning algorithms that correlate millions of low fidelity anomalies to present a few high fidelity security incidents for analysis by IT security workers, he wrote. Users can also import their Microsoft Office 365 data for free and combine it with other security data for analysis, giving companies a bigger and better picture of the security threats they are facing. With Azure Sentinel there are no upfront costs, you pay for what you use.”Ī key aim of Azure Sentinel is to cut through false and large numbers of alerts for IT security workers so they can focus on the real threats and get to the core of the problems facing their companies, wrote Levi.įor users, Azure Sentinel is a cloud-native service that allows users to aggregate all security data with built-in connectors, native integration of Microsoft signals and support for industry-standard log formats like common event format and syslog to better fight threats, wrote Levi. “Traditional SIEMs have also proven to be expensive to own and operate, often requiring you to commit upfront and incur high cost for infrastructure maintenance and data ingestion. The tool offers broad scaling capabilities and speed to help businesses meet their IT security requirements, wrote Levi. “It uses the power of artificial intelligence to ensure you are identifying real threats quickly and unleashes you from the burden of traditional Security Information and Event Management (SIEMs) by eliminating the need to spend time on setting up, maintaining and scaling infrastructure.” ![]() “Azure Sentinel makes it easy to collect security data across your entire hybrid organization from devices, to users, to apps to servers on any cloud,” wrote Levi. ![]() ![]() The new tool was unveiled in a recent post by Eliav Levi, director of product management for Microsoft Azure Sentinel, on the Microsoft Azure Blog. Giving a wider range of fresh cyber-attack threats and information to IT security workers 24/7 is the aim of a new Microsoft Azure security tool-Microsoft Azure Sentinel-that was just released by the company in preview mode.īuilt to streamline the collection of IT security information across business organizations, including attacks, vulnerabilities and other issues, Microsoft Azure Sentinel is designed to dramatically help security operations teams improve detection, protection and data security for companies of all sizes using intelligent security analytics. We may make money when you click on links to our partners. EWEEK content and product recommendations are editorially independent. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |