Azure Sentinel / Microsoft Sentinel

  • Azure Sentinel is now called Microsoft Sentinel.
  • Definition: Sentinel is a security information and event management tool.
  • This is a widely used and common tool for any cloud infrastructure, and it works like this:
    • Step 1: Data is collected from a range of sources, such as your network controllers, virtual machines, DNS traffic managers, and much more.
    • Step 2: The data is aggregated and normalized. This means it is brought together from the different sources and put into a consistent, more usable form.
    • Step 3: The data is analyzed, and any threats are detected.
    • Step 4: Then Sentinel does some background work with the data collected.
    • Step 5: Then any security breaches and threats are identified, and you can investigate and take appropriate action.
  • In other words, Sentinel will do most of the heavy lifting before you even start investigating a potential security alert.
  • One of the features that set Sentinel apart from other SIEMs is behavioral analytics.
  • Using artificial intelligence, Sentinel will learn about patterns and behaviors to identify if something is out of the ordinary.
  • AWS integration. You can get all the data from your AWS services fed directly into Sentinel for analysis and threat detection.
  • Limitless speed and scale. Sentinel will take advantage of the huge resources on Azure to be even faster and scale to match your needs.
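
A small sketch of steps 1 to 3 and the behavioral-analytics idea above, added here as an example; it is not Sentinel's implementation and not code from the original page. The record layouts, field names, and the /24 "usual network" baseline are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records; field names are illustrative, not real log schemas.
AZURE_SIGNINS = [
    {"TimeGenerated": "2024-05-01T08:02:11Z", "UserPrincipalName": "Alice@Example.com", "IPAddress": "198.51.100.23"},
    {"TimeGenerated": "2024-05-01T09:15:40Z", "UserPrincipalName": "bob@example.com", "IPAddress": "203.0.113.5"},
    {"TimeGenerated": "2024-05-03T08:05:02Z", "UserPrincipalName": "alice@example.com", "IPAddress": "198.51.100.40"},
    {"TimeGenerated": "2024-05-03T09:20:17Z", "UserPrincipalName": "bob@example.com", "IPAddress": "203.0.113.9"},
]
AWS_LOGINS = [
    {"eventTime": "2024-05-02T10:30:00Z", "userName": "alice@example.com", "sourceIPAddress": "198.51.100.77"},
    {"eventTime": "2024-05-03T23:47:55Z", "userName": "alice@example.com", "sourceIPAddress": "192.0.2.200"},
]

def normalize(record, source):
    """Step 2: map source-specific field names onto one common schema."""
    if source == "azure":
        t, user, ip = record["TimeGenerated"], record["UserPrincipalName"], record["IPAddress"]
    elif source == "aws":
        t, user, ip = record["eventTime"], record["userName"], record["sourceIPAddress"]
    else:
        raise ValueError(f"unknown source: {source}")
    net = ipaddress.ip_network(f"{ip}/24", strict=False)  # coarse "usual network"
    return {"time": t, "user": user.lower(), "ip": ip, "net": str(net), "source": source}

def collect():
    """Steps 1 and 2: gather from every source, normalize, order by time."""
    events = [normalize(r, "azure") for r in AZURE_SIGNINS]
    events += [normalize(r, "aws") for r in AWS_LOGINS]
    return sorted(events, key=lambda e: e["time"])  # same-format UTC strings sort correctly

def detect(events, baseline_until):
    """Step 3: learn each user's usual networks, then flag logins outside them."""
    seen = defaultdict(set)
    alerts = []
    for e in events:
        if e["time"] < baseline_until:
            seen[e["user"]].add(e["net"])      # learning window: record normal behaviour
        elif e["net"] not in seen[e["user"]]:
            alerts.append(e)                   # unseen network (or no baseline at all)
    return alerts

if __name__ == "__main__":
    for a in detect(collect(), "2024-05-03T00:00:00Z"):
        print(f'{a["time"]} {a["user"]} from {a["ip"]} via {a["source"]}: outside baseline')
```

Because both sources are normalized into one schema first, the AWS login from an unfamiliar network is judged against a baseline that was partly learned from Azure sign-ins.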

© 2024 Code SharePoint