sb-eu logo
Story image

Microsoft announces Azure Sentinel SIEM general availability

26 Sep 2019

Microsoft has announced the general availability of its cloud-native security information and event management (SIEM) solution this week.

Azure Sentinel provides intelligent security analytics through the cloud for enterprises, designed to address the modern challenges of security analytics.

The solution, which first launched as a public preview earlier this year, gleaned feedback from 12000 customers and analysed two petabytes of data. Microsoft says that the feedback and data had a common theme: Defenders needed the ability to be nimble and efficient in their cybersecurity.

According to Microsoft cybersecurity solutions group corporate vice president Ann Johnson, traditional SIEM solutions simply have not kept up with digital changes.

“I commonly hear from customers that they’re spending more time with deployment and maintenance of SIEM solutions, which leaves them unable to properly handle the volume of data or the agility of adversaries,” says Johnson.

Enterprises anchor their security operations with SIEM systems. More are also turning to machine learning algorithms as part of their analytics tools.

“Traditional on-premises SIEMs require a combination of infrastructure costs and software costs, all paired with annual commitments or inflexible contracts. We are removing those pain points, since Azure Sentinel is a cost-effective, cloud-native SIEM with predictable billing and flexible commitments,” explains Johnson.

Fashion retailer ASOS is one customer that deployed Azure Sentinel, which integrates data from Azure Active Directory, Azure Security Center, and Microsoft 365. It can now spot threats early and cut issue resolution times in half.

“There are a lot of threats out there,” comments ASOS cyber security operations lead Stuart Gregg.

“You’ve got insider threats, account compromise, threats to our website and customer data, even physical security threats. We’re constantly trying to defend ourselves and be more proactive in everything we do.”

Greg says ASOS found that Azure Sentinel was easy to set up and now provides data in one single system, rather than separate systems.

“We can literally click a few buttons and all our security solutions feed data into Azure Sentinel.”

Microsoft is also continuing to innovate in Azure Sentinel, with the core ability to connect to any data source, no matter where it is located.

“We continue to add new connectors to different sources and more machine learning-based detections,” says Johnson.

“Azure Sentinel will also integrate with Azure Lighthouse service, which will enable service providers and enterprise customers with the ability to view Azure Sentinel instances across different tenants in Azure.”

Story image
Attivo Networks highlights CISOs top concerns following move to remote working
“Much of this year's research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors."More
Story image
MEF grants 3.0 SD-WAN certification to Fortinet
MEF has recently certified Fortinet’s Secure SD-WAN offering as being able to support MEF 3.0 SD-WAN services.More
Story image
Fortinet resolves to help communities through new Corporate Foundation
“Through the establishment of a Corporate Foundation, we are extending investments in security training and education, employee community engagement and disaster relief efforts to empower and protect our communities, as well as positively impact our business, employees, customers and shareholders.”More
Story image
Gartner recognises Pulse Secure for Zero Trust Network Access solution
In the market guide, Gartner states that ZTNA augments traditional VPN technologies for application access, and removes the excessive trust once required to allow employees and partners to connect and collaborate. More
Story image
Milestone adds XProtect to AWS marketplace
The XProtect product is a video management platform designed for surveillance and security.More
Story image
Inteview: Mimecast security expert on why email attacks are more successful than ever
Techday spoke to Mimecast Australia principal technical consultant Garrett O’Hara, who walks through why security experts are becoming increasingly pessimistic about email-borne attacks.More