Ahead of this year’s RSA security conference, Microsoft has introduced a new cloud service designed to help customers manage their security efforts while also giving them access to its own security staff for expert customer support.
Azure Sentinel is a cloud-based security information and event management (SIEM) service that gives customers the ability to view and respond to security alerts and threats across their corporate networks.
Microsoft’s new service will cover applications running across multiple public clouds and hybrid cloud as well as organization’s own SIEM software.
The company also introduced a new feature called Microsoft Threat Experts which allows Windows Defender ATP customers to ask an expert for help right from their dashboards. In addition to asking questions on cybersecurity issues, customers will be able to include their application or network data alongside their request to help both sides resolve issues more quickly.
AI-powered security analysis
Today’s SecOps teams are overwhelmed by a very high volume of alerts and spend too much time devoted to tasks such as infrastructure setup and maintenance. This is why Azure Sentinel utilizes intelligent security analytics at cloud scale across your entire enterprise.
The service makes it easy for IT teams to collect security data across their entire hybrid organization from devices, to users, to apps, to servers on any cloud.
Through the use of AI, Azure Sentinel is able to ensure that users are identifying real threats and the service helps free them from traditional SIEMs by eliminating the need to spend valuable time setting up, maintaining and scaling infrastructure.
Azure Sentinel is currently available in preview from the Azure portal with a full release coming in the future.