sb-as logo
Story image

Microsoft announces Azure Sentinel SIEM general availability

26 Sep 2019

Microsoft has announced the general availability of its cloud-native security information and event management (SIEM) solution this week.

Azure Sentinel provides intelligent security analytics through the cloud for enterprises, designed to address the modern challenges of security analytics.

The solution, which first launched as a public preview earlier this year, gleaned feedback from 12000 customers and analysed two petabytes of data. Microsoft says that the feedback and data had a common theme: Defenders needed the ability to be nimble and efficient in their cybersecurity.

According to Microsoft cybersecurity solutions group corporate vice president Ann Johnson, traditional SIEM solutions simply have not kept up with digital changes.

“I commonly hear from customers that they’re spending more time with deployment and maintenance of SIEM solutions, which leaves them unable to properly handle the volume of data or the agility of adversaries,” says Johnson.

Enterprises anchor their security operations with SIEM systems. More are also turning to machine learning algorithms as part of their analytics tools.

“Traditional on-premises SIEMs require a combination of infrastructure costs and software costs, all paired with annual commitments or inflexible contracts. We are removing those pain points, since Azure Sentinel is a cost-effective, cloud-native SIEM with predictable billing and flexible commitments,” explains Johnson.

Fashion retailer ASOS is one customer that deployed Azure Sentinel, which integrates data from Azure Active Directory, Azure Security Center, and Microsoft 365. It can now spot threats early and cut issue resolution times in half.

“There are a lot of threats out there,” comments ASOS cyber security operations lead Stuart Gregg.

“You’ve got insider threats, account compromise, threats to our website and customer data, even physical security threats. We’re constantly trying to defend ourselves and be more proactive in everything we do.”

Greg says ASOS found that Azure Sentinel was easy to set up and now provides data in one single system, rather than separate systems.

“We can literally click a few buttons and all our security solutions feed data into Azure Sentinel.”

Microsoft is also continuing to innovate in Azure Sentinel, with the core ability to connect to any data source, no matter where it is located.

“We continue to add new connectors to different sources and more machine learning-based detections,” says Johnson.

“Azure Sentinel will also integrate with Azure Lighthouse service, which will enable service providers and enterprise customers with the ability to view Azure Sentinel instances across different tenants in Azure.”

Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
Malware variants becoming increasingly prevalent, sophisticated and evolved
"The modern threat landscape and ongoing evolution of malware are loud factors pushing every business to understand and identify modern malware threats and the necessary precautions to take to protect against them."More
Story image
App security not keeping up with rapid development — Radware
“With more than 70% of respondents reporting that their production apps have already left the data centre, ensuring the security and integrity of these data and applications is becoming more challenging, particularly in multi-cloud environments.”More
Story image
SMEs treading water against 'endless volley' of cyber-attacks — report
According to a new report from Cynet, these SMEs are resorting to outsourcing some aspects of their threat mitigation in order to safeguard IT assets, as a result of the heightened risk of serious breaches.More
Story image
McAfee names ThreatQ innovation partner of the year
ThreatQuotient has been named McAfee Global Security Innovation Alliance Partner of the Year for the second consecutive year.More
Story image
Phishing email attacks targeting remote workers on the rise
“Just because employees may be more used to their home office environment doesn’t mean that they can let their guard down."More