Microsoft has reinvented the SIEM for the modern world, and your organization can now see and stop threats before they cause harm. This is pro-Active Cyber Security with Azure Sentinal.
Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs.
Azure Sentinel supports open standards such as Common Event Format (CEF) and broad partner connections, including Microsoft Intelligent Security Association partners such as Check Point, Cisco, F5, Fortinet, Palo Alto Networks and Symantec, as well as broader ecosystem partners such as ServiceNow.
Azure Sentinel is able to ingest events from several Microsoft and non-Microsoft platforms, including: Azure AD Identity Protection, Microsoft Cloud Application Security, Azure Security Center, Microsoft Graph Security API, DNS, Syslog and third party telemetry including F5, Palo Alto Networks, Checkpoint, and Cisco ASA.
Azure Sentinel uses state of the art, scalable machine learning algorithms to correlate millions of low fidelity anomalies to present a few high fidelity security incidents to the analyst. ML technologies will help you quickly get value from large amounts of security data you are ingesting and connect the dots for you.
For example, you can quickly see a compromised account that was used to deploy ransomware in a cloud application. This helps reduce noise drastically, in fact we have seen an overall reduction of up to 90 percent in alert fatigue during evaluations
Additional automation opportunities exist, through the use of Azure Logic Apps, a cloud-based workflow platform, which includes an out-of-box connector that allows developers to listen for Azure Sentinel events.
Collect data at cloud scale—across all users, devices, applications, and infrastructure
Detect previously uncovered threats and minimize false positives
Investigate threats with AI and hunt suspicious activities
Respond to incidents rapidly with built-in orchestration and automation
Azure Sentinel preview is free
No Limits – cloud speed and scale
Invest in security, not infrastructure setup and maintenance with first cloud-native SIEM from Microsoft. Never again let a storage limit or a query limit prevent you from protecting your enterprise. Azure Sentinel is available immediately, you can automatically scale to meet your organizational needs, and only pay for the resources you need.
Free Office 365 data import
Connect with data from your Microsoft products in just a few clicks, import Office 365 data for free, and analyze and draw correlations to deepen your intelligence.
You have AI on your side
Now you can focus on finding real threats quickly and reduce noise from legitimate events with built-in machine learning and knowledge based on analyzing trillions of signals daily.