Azure Sentinel News

AttackIQ integrates Security Optimization Platform with Microsoft Azure Sentinel cloud-native SIEM platform

by Azure Sentinel News Editor
November 12, 2020
in SIEM, Threat Intelligence

AttackIQ announced its integration between the Microsoft Azure Sentinel cloud-native security information and event manager (SIEM) platform and the AttackIQ Security Optimization Platform.

Microsoft was a founding member of AttackIQ’s Preactive Security Exchange (PSE), an objective and trusted program that enables security vendors to validate the efficacy of their products and identify security gaps.

Launched in August, the PSE already has dozens of leading security companies as partners, including BlackBerry, Cisco, CheckPoint, Illumio, LogRhythm, McAfee, Microsoft, Palo Alto Networks, RSA, SentinelOne, and TrendMicro.

“We’re delighted to announce AttackIQ’s integration with Microsoft Azure Sentinel, and the opportunity to enable Azure Sentinel users to test and validate their detection pipeline and ultimately fine-tune security processes across their organization,” said Dariush Afshar, VP of Platform & Business Development, AttackIQ.

“With our integration with Azure Sentinel, Microsoft customers now have another powerful tool for optimizing their security investments, whether that be their Microsoft 365 Defender investments like Microsoft Defender for Endpoint, or third-party security products – such as nextgen firewall – that feed Azure Sentinel.”

“Microsoft Azure Sentinel offers customers a robust platform for log aggregation, detection, and alerting while the AttackIQ platform enables customers to measure the performance of those capabilities and improve that performance over time,” said Eric Burkholder, Senior Program Manager, Azure Sentinel.

The security optimization capabilities of the AttackIQ platform provide Azure Sentinel users with essential tools to increase the effectiveness of detection and investigation pipelines.

The platform utilizes the MITRE ATT&CK database of known attacker tactics, techniques and procedures (TTPs) to help customers assess the ability of their security stack to prevent, detect and contain real-world threats. Security teams are able to:

  • Confirm events are detected and/or prevented by deployed security technologies
  • Confirm that detection and prevention messages are properly forwarded to Azure Sentinel
  • Test built-in and custom queries and alert rules
  • Exercise the actions defined in Azure Sentinel Playbooks

The Azure Sentinel SIEM integrates with the AttackIQ Security Optimization Platform to verify detection pipelines and detection logic, which helps security teams focus on finding threats quickly.

It operates by using machine learning models trained on trillions of daily signals and allowing customers to optimize for their own needs with tailored detections and threat intelligence.

Reference: https://www.helpnetsecurity.com/2020/10/28/attackiq-microsoft-azure-sentinel/

Copyright © 2020 - Azure Sentinel News
