Microsoft Azure Sentinel Security Analytics Preview Released!

Microsoft are always looking for ways to improve security because as we all know new threats and vulnerabilities are being found all the time, its pretty much a never ending battle. Microsoft have released a statistic predicting a shortfall of 3.5 million security professionals by 2021 increasing strain on existing security teams. This new cloud based solution is set to combat these threats, it provides security analytics and makes it easier to collect data from the whole environment (even hybrid ones)! This solution uses the power of AI to filter and ensure it is identifying real time threats quickly and helps get rid of the time and cost of setting up and maintaining the whole infrastructure.

As this is a cloud based solution it can be scaled quickly to be ready for any security need. Another benefit of this is the low cost, as you are not paying for maintaining any infrastructure; you are only paying for what you use! This solution also allows you to combine security data from users, endpoint applications and third-party data all into one place so you can understand all points of an attack.

Some of the key features of this include:

Collecting data across the organisation with ease

With Azure Sentinel administrators can combine all of their security data into one place with Microsoft’s inbuilt connectors, this also includes support for standard log formats like syslog. It only takes a minute to import all your data into the solution at no charge and then combine it with of your security data so this can be analysed. Sentinel uses the ‘Azure Monitor’ which has been proved to be able to process over 10 petabytes of data while being able to query super fast at the same time.

Analysing and detecting threats in quick time using AI!

One of the biggest challenges security teams face is the sheer amount of alerts they receive, the issue with this is the most important ones can get lost among the less important alerts. Using AI algorithms and machine learning. One of the ways it uses this technology is by correlating millions of anomalies in order to identify high priority security alerts. In turn Microsoft have seen reductions of up to 90% of alerts leaving space for the critical alerts to be dealt with.

For more information from Microsoft themselves click here.

To get this feature you can find it in your Azure Portal!

About the author