sb-as logo
Story image

Microsoft announces Azure Sentinel SIEM general availability

26 Sep 2019

Microsoft has announced the general availability of its cloud-native security information and event management (SIEM) solution this week.

Azure Sentinel provides intelligent security analytics through the cloud for enterprises, designed to address the modern challenges of security analytics.

The solution, which first launched as a public preview earlier this year, gleaned feedback from 12000 customers and analysed two petabytes of data. Microsoft says that the feedback and data had a common theme: Defenders needed the ability to be nimble and efficient in their cybersecurity.

According to Microsoft cybersecurity solutions group corporate vice president Ann Johnson, traditional SIEM solutions simply have not kept up with digital changes.

“I commonly hear from customers that they’re spending more time with deployment and maintenance of SIEM solutions, which leaves them unable to properly handle the volume of data or the agility of adversaries,” says Johnson.

Enterprises anchor their security operations with SIEM systems. More are also turning to machine learning algorithms as part of their analytics tools.

“Traditional on-premises SIEMs require a combination of infrastructure costs and software costs, all paired with annual commitments or inflexible contracts. We are removing those pain points, since Azure Sentinel is a cost-effective, cloud-native SIEM with predictable billing and flexible commitments,” explains Johnson.

Fashion retailer ASOS is one customer that deployed Azure Sentinel, which integrates data from Azure Active Directory, Azure Security Center, and Microsoft 365. It can now spot threats early and cut issue resolution times in half.

“There are a lot of threats out there,” comments ASOS cyber security operations lead Stuart Gregg.

“You’ve got insider threats, account compromise, threats to our website and customer data, even physical security threats. We’re constantly trying to defend ourselves and be more proactive in everything we do.”

Greg says ASOS found that Azure Sentinel was easy to set up and now provides data in one single system, rather than separate systems.

“We can literally click a few buttons and all our security solutions feed data into Azure Sentinel.”

Microsoft is also continuing to innovate in Azure Sentinel, with the core ability to connect to any data source, no matter where it is located.

“We continue to add new connectors to different sources and more machine learning-based detections,” says Johnson.

“Azure Sentinel will also integrate with Azure Lighthouse service, which will enable service providers and enterprise customers with the ability to view Azure Sentinel instances across different tenants in Azure.”

Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More
Story image
IBM Security completes industry first with updates to Cloud Pak for Security solution
"With these updates, we will be the first in the industry to bring together external threat intelligence and threat management alongside data security and identity."More
Story image
The three-pronged security approach that confronts security breaches head-on
Having these three processes working in tandem is key to cushioning the blow of a breach - which, if insufficiently protected, can take on average 279 days to contain and costs an average of almost US$4 million.More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More
Story image
Palo Alto Networks extends cloud native security platform with new modules
Palo Alto Networks has announced the availability of Prisma Cloud 2.0, including four new cloud security modules, thus extending its Cloud Native Security Platform (CNSP). More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More