Azure Sentinel is Now Generally Available
After a test phase of a good six months, Microsoft announced the availability of Azure Sentinel. Azure Sentinel is a cloud-native Security Information and Event Management (SIEM) system that provides intelligent security and threat analysis for enterprise customers. It provides a comprehensive solution for alert and threat detection. Microsoft emphasizes the benefits of rapid deployment, which eliminates the need to set up and scale a SIEM. The fact that Azure Sentinel is billed only according to the volume of data also contributes to cost efficiency.
Azure Sentinel obtains its data from a company's entire infrastructure. Users, applications, devices, servers and services are all considered, both on-premises and in the cloud. Azure Sentinel is closely integrated with Azure Security Center, Azure Active Directory and Microsoft 365. The collected data is processed and analyzed using AI functions. In addition, administrators can automate recurring tasks.
Source: Microsoft