Azure Sentinel News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
Azure Sentinel News
No Result
View All Result
Home SIEM

Microsoft introduces integrated Darktrace-a-like, Azure Sentinel

Azure Sentinel News Editor by Azure Sentinel News Editor
November 19, 2020
in SIEM
0
Microsoft introduces integrated Darktrace-a-like, Azure Sentinel
4.4kViews
1009 Shares Share on Facebook Share on Twitter

Sentinel works only with an Azure subscription to augment existing services such as Azure Security Centre

Microsoft has announced an AI-powered security solution called Sentinel that is designed to integrate with the Azure public cloud platform, to comb for and predict threats from large volumes of data at enterprise scale.

The company announced the platform ahead of the major RSA security conference taking place in San Francisco this week.

Sentinel works only with an Azure subscription, where Microsoft said it will provide a “fully integrated experience in the Azure portal” to augment existing services such as Azure Security Centre and Azure Machine Learning.

Microsoft claimed that by running Sentinel, the company has seen an “overall reduction of up to 90 per cent in alert fatigue” with early adopters, i.e. it is supposedly cutting through the noise and surfacing actual threats rather than false positives.

To put it (perhaps too) crudely, you could think of Sentinel as a Darktrace-a-like for existing Azure customers who want to plump for Azure expertise straight from the source rather than externally, although it will work with third-party providers, such as security and event management vendors, as well as workflow management systems such as SystemNow.

The idea is that it will provide an “extensible architecture” to “support custom collectors through REST API and advanced queries”, so an organisation’s existing data can feed into Sentinel for better customisation.

However, it’s clear that the product could carve a niche in mostly Microsoft shops: Sentinel can, for example, integrate with Office cloud data such as that pulled from email spam.

Microsoft is promoting Sentinel’s ability to operate at scale, too, as well as the usual messaging about freeing up employee time by automating the dreary tasks.

The company says on the Sentinel website: “Invest in security, not infrastructure setup and maintenance, [with the] first cloud-native SIEM from a major public cloud provider.

“Never again let a storage limit or a query limit prevent you from protecting your enterprise.”

The major cloud players are increasingly touting their security nous as major selling points for their platforms.

Bloomberg notes that Microsoft stressed how it was recently integral in helping finance companies head off hacks that were siphoning money to “foreign bank accounts”, as well as hobbling systems in the process.

The company also announced Microsoft Threat Experts, which is a service that sits in Windows Defender ATP to provide “managed hunting” to “extend the capability of a businesses’ security operations centre team” – looking for indicators of successful attacks within company data.

The announcement fits in with the company’s Enterprise Mobility and Security product for Office 365 productivity apps, which we profiled towards the end of 2017.

Reference: https://www.arnnet.com.au/article/658395/microsoft-introduces-integrated-darktrace-a-like-azure-sentinel/

Azure Sentinel News Editor

Azure Sentinel News Editor

Related Posts

With new release, CrowdStrike targets Google Cloud, Azure and container adopters
SIEM

Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

March 5, 2021
With new release, CrowdStrike targets Google Cloud, Azure and container adopters
SIEM

Improved Azure Portal View Makes Switching Between Azure Sentinel LAWs Easier

March 3, 2021
What’s new: Microsoft Teams connector in Public Preview
SIEM

Changes in How Running Hunting Queries Works in Azure Sentinel

February 11, 2021
Next Post
Security Unlocked—A new podcast exploring the people and AI that power Microsoft Security solutions

Security Unlocked—A new podcast exploring the people and AI that power Microsoft Security solutions

Microsoft’s Azure Defender for IoT Uses CyberX Tech

Microsoft's Azure Defender for IoT Uses CyberX Tech

The top Azure announcements from Microsoft Ignite 2020

The top Azure announcements from Microsoft Ignite 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 21.8M Fans
  • 81 Followers

Recommended

Vectra AI and Microsoft partner on security integration

Replay Now Available – Microsoft Security Insights 036: Azure Sentinel with Rod Trent

4 weeks ago
Improve security with Azure Sentinel, a cloud-native SIEM and SOAR solution

Unleash the Rosetta Stone of Schema Knowledge for Your Azure Sentinel Data

2 months ago
What’s new: Microsoft Teams connector in Public Preview

How to Make Your Azure Sentinel Workbooks Even More Interactive with Drilldowns and Downloads

2 months ago
Auditing Azure Sentinel activities

Auditing Azure Sentinel activities

4 months ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

Topics

anomaly automation Azure Azure DevOps Azure Security Center Azure Sentinel Azure Sentinel API Azure Sentinel Connector BlueVoyant Call cybersecurity Detection file GitHub Hunting Huntingy IAC incident response Incident Triage infrastructure as code Investigation jupyter LAQueryLogs MDR Microsoft microsoft 365 mssp Multitenancy Notebooks Pester Playbooks PowerShell python Records Security Sentinel Sharing SIEM signin Supply Chain teams Threat hunting Watchlists Workbooks XDR
No Result
View All Result

Highlights

How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository

Improved Azure Portal View Makes Switching Between Azure Sentinel LAWs Easier

How to Use Azure Sentinel to Protect Against the Exchange Zero-day

How to Deploy an Analytics Rule to Azure Sentinel from the GitHub Repository

Azure Sentinel Weekly Newsletter

How to Generate Azure Sentinel Incidents for Testing

Trending

With new release, CrowdStrike targets Google Cloud, Azure and container adopters
SOC

How to be Mindful Against Dupes and Noise with the new Azure Sentinel/M365 Defender Integration

by Azure Sentinel News Editor
March 8, 2021
0

I’ve spent a good amount of time so far on this blog talking about steps on how...

With new release, CrowdStrike targets Google Cloud, Azure and container adopters

Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

March 5, 2021
Vectra AI and Microsoft partner on security integration

How to Take Advantage of the New Virus Total Logic App Connector for Your Azure Sentinel Playbooks

March 4, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository

March 3, 2021
With new release, CrowdStrike targets Google Cloud, Azure and container adopters

Improved Azure Portal View Makes Switching Between Azure Sentinel LAWs Easier

March 3, 2021

We bring you the best, latest and perfect Azure Sentinel News, Magazine, Personal Blogs, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to be Mindful Against Dupes and Noise with the new Azure Sentinel/M365 Defender Integration March 8, 2021
  • Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA March 5, 2021
  • How to Take Advantage of the New Virus Total Logic App Connector for Your Azure Sentinel Playbooks March 4, 2021

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

[mc4wp_form]

Copyright © 2020 - Azure Sentinel News

No Result
View All Result
  • Home
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence

Copyright © 2020 Azure Sentinel News