
Microsoft announces Azure Sentinel SIEM general availability

26 Sep 2019

Microsoft has announced the general availability of its cloud-native security information and event management (SIEM) solution this week.

Azure Sentinel provides intelligent security analytics through the cloud for enterprises, designed to address the modern challenges of security analytics.

The solution, which first launched as a public preview earlier this year, gleaned feedback from 12000 customers and analysed two petabytes of data. Microsoft says that the feedback and data had a common theme: Defenders needed the ability to be nimble and efficient in their cybersecurity.

According to Microsoft cybersecurity solutions group corporate vice president Ann Johnson, traditional SIEM solutions simply have not kept up with digital changes.

“I commonly hear from customers that they’re spending more time with deployment and maintenance of SIEM solutions, which leaves them unable to properly handle the volume of data or the agility of adversaries,” says Johnson.

Enterprises anchor their security operations with SIEM systems. More are also turning to machine learning algorithms as part of their analytics tools.

“Traditional on-premises SIEMs require a combination of infrastructure costs and software costs, all paired with annual commitments or inflexible contracts. We are removing those pain points, since Azure Sentinel is a cost-effective, cloud-native SIEM with predictable billing and flexible commitments,” explains Johnson.

Fashion retailer ASOS is one customer that deployed Azure Sentinel, which integrates data from Azure Active Directory, Azure Security Center, and Microsoft 365. It can now spot threats early and cut issue resolution times in half.

“There are a lot of threats out there,” comments ASOS cyber security operations lead Stuart Gregg.

“You’ve got insider threats, account compromise, threats to our website and customer data, even physical security threats. We’re constantly trying to defend ourselves and be more proactive in everything we do.”

Gregg says ASOS found that Azure Sentinel was easy to set up and now provides data in one single system, rather than separate systems.

“We can literally click a few buttons and all our security solutions feed data into Azure Sentinel.”

Microsoft is also continuing to innovate in Azure Sentinel, with the core ability to connect to any data source, no matter where it is located.

“We continue to add new connectors to different sources and more machine learning-based detections,” says Johnson.

“Azure Sentinel will also integrate with Azure Lighthouse service, which will enable service providers and enterprise customers with the ability to view Azure Sentinel instances across different tenants in Azure.”
