What is Azure Sentinel, and how does it work?

Saurabh Sharma 17,291 Reputation points Microsoft Employee
2020-05-06T20:40:44.733+00:00

I want to understand what Azure Sentinel is, and how does it work?

[Note: As we migrate from MSDN, this question has been posted by an Azure Cloud Engineer as a frequently asked question]

Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
606 questions
No comments
{count} votes

Accepted answer
  1. Marilee Turscak-MSFT 20,516 Reputation points Microsoft Employee
    2020-05-06T20:47:16.72+00:00

    Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds. It includes built-in connectors for easy onboarding of popular security solutions. You can collect data from any source with support for open standard formats like CEF and Syslog.

    Source: https://azure.microsoft.com/en-us/services/azure-sentinel/#customer-stories

    No comments

0 additional answers

Sort by: Most helpful