WHAT IS MICROSOFT SENTINEL?
Intelligent Security Analytics for Your Entire Business
Microsoft Sentinel (formerly Azure Sentinel) is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds. It includes built-in connectors for easy onboarding of popular security solutions. Collect data from any source with support for open standard formats like CEF and Syslog.
FEATURES
COLLECT
Collect data at cloud scale – across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
DETECT
Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
INVESTIGATE
Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
RESPOND
Respond to incidents rapidly with built-in orchestration and automation of common tasks