@Tanguy NGUYEN
Thank you for your time and patience throughout this issue! I received a response from our Azure Sentinel team and for question 4, when it comes to Salesforce, the only thing we have currently is a connector that allows us to get the logs from Salesforce into Sentinel.
Questions:
- Do you implement a vote system to ensure accuracy and integrity of the NTP source since NTP is not an authenticated protocol, stateless?
- What are the security measures put in place by Microsoft to ensure a reliable NTP?
- Also in the context of Third-Party using a SaaS model into Azure how can they provide audit trails as such?
- Especially if they are using some Salesforce application on Azure for instance?
In regards to your questions on #1-3, I've added the Virtual Networking tag to this thread so our networking team can take a look into this issue regarding NTP.
If you'd like, you can reach out to our Azure Sentinel team via email (AzureSentinel@microsoft.com) or by their GitHub Community pages.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.