What is Microsoft Azure Sentinel? Cloud-native SIEM.

Microsoft Azure Sentinel is a new cloud-native SIEM service with built-in AI for analytics that removes the cost and complexity of achieving a central and focused near real-time view of the active threats in your environment. Koby Koren from the Azure Sentinel engineering team walks through the entire solution in an end-to-end demonstration, covering how to set it up, perform queries, run investigations and more.

Azure Sentinel is in preview today. Follow the link to try it for yourself.

7 thoughts on “What is Microsoft Azure Sentinel? Cloud-native SIEM.”

  1. Thank you for the overview! This is going to be a serious game changer in the SIEM space, native-cloud or not.

  2. What brought me to Sentinel was the nod from the security researcher's analysis of the Swedish company being hit by ransomware whose primary replication tactic was creation of scheduled tasks and Sentinel has the ability to alert on suspicious tasks running on critical systems. Thank you for the concise overview of Sentinel's capabilities!

  3. I have to admit… I really like these Microsoft Mechanics videos… I learn so much about new updates that are being released.

  4. Looks interesting, I'll have to test time from event on monitored onprem service to being visible in Sentinel, as I think that'll be key in selling it to my CISO.
    But we're on the lookout for a new SIEM system. I'm very tempted.
