I’m thrilled to announce Forrester Research has named Microsoft Azure Sentinel as a “Leader” in The Forrester Wave: Security Analytics Platform Providers, Q4 2020. When we released Azure Sentinel almost a year ago–the industry’s first cloud-native SIEM on a major public cloud–our goal was to provide a new, innovative approach to help organizations modernize security operations. We’ve been excited and humbled to see enthusiastic adoption across verticals like IT, financial services, e-commerce, big data, and other industries. It’s been particularly fulfilling to work alongside many of you to see the unique ways that Azure Sentinel can improve your security operations.
Today–and this year more than ever–security operations centers (SOCs) are being asked to do more with less, all while securing a decentralized digital estate. We’re honored that in this time of transformative change, Azure Sentinel can help security teams achieve this goal.
The Azure Sentinel vision
We are especially honored to see that Azure Sentinel received the top ranking in the “Strategy” category because one of our core values is to enable SecOps teams to do more with less by providing a different path forward than traditional, on-premises SIEMs. The key lies in Azure Sentinel’s cloud-native nature. For many of our customers, moving to the cloud has been a transformative change. At Avanade, for example, moving to Azure Sentinel enabled the security team to shift their focus from on-premises management and instead spend time on strategic work to make their organization safer. As a cloud-native SIEM, Azure Sentinel makes it easy to deploy, scale, and use. You can collect, correlate, and analyze data across users, devices, applications, and infrastructure at cloud scale–on premises and in multiple clouds. And instead of investing time and money into inflexible infrastructure, you only pay for the resources you need.
Azure Sentinel helps you detect and analyze threats more efficiently by harnessing AI. Azure Sentinel uses a technique called Fusion to find threats that fly under the radar by combining low fidelity, “yellow” anomalous activities into high fidelity “red” incidents. Fusion blends data from disparate data sets across both Microsoft and partner data sources, then utilizes graph-based machine learning and a probabilistic kill chain to produce high-fidelity alerts. This process reduces alert fatigue by 90 percent, ensuring that SecOps teams are only spending time on real, actionable alerts. And with integrated automation, it further optimizes your team’s time by automating responses to common tasks.
With these innovations, we’ve helped our customers protect their organizations more efficiently–like at ASOS, where the SecOps team cut issue resolution times in half, or at ABM Industries, where the security team reduced the number of alerts they analyze by 50 percent.
Our goals are not just limited to transforming the SIEM market. In September, we shared our vision for how organizations can fight threats in today’s complex landscape with integrated SIEM and Extended Detection and Response (XDR) from a single vendor. With this combination, you get the best of both worlds–end-to-end threat visibility across all your resources; correlated, prioritized alerts based on Microsoft’s deep understanding of specific resources with AI that stitches that signal together; and coordinated action across the organization. That’s why we’ve optimized Azure Sentinel for ease of integration across Microsoft products, provide many sources of Microsoft 365 data ingestion for free, and have recently launched a Microsoft 365 data grant benefit to help you realize even more value from integrated security.
Just getting started
We’re constantly working with partners and customers on ways to improve Azure Sentinel–and we’re only just getting started. Here are just a few of the innovations we announced at Microsoft Ignite 2020:
User and Entity Behavioral Analytics (UEBA), to pinpoint unknown and insider threats.
The ability to build your own ML models.
Threat Intelligence improvements, including threat indicator management.
Watchlists to eliminate time-consuming manual analysis of external data sources, enabling you to correlate security events with other non-security data sources.
Many new connectors to simplify data collection.
We have no plans to slow down. With innovations still to come, the best days of Azure Sentinel are still ahead of us.
In the meantime, Azure Sentinel’s performance in the Forrester Wave is an encouraging sign that we’re on the right track with our journey to streamline and strengthen your security–eliminating the complexity of an on-premises infrastructure, saving costs, and enabling SecOps to be more efficient than ever.
To all our customers, thanks for coming with us on this journey. Keep the feedback coming–Eric
Click here to read a courtesy copy of The Forrester Wave: Security Analytics Platform Providers, Q4 2020.
With integrated SIEM and XDR, you get the best of both worlds. To help you take advantage of this integrated security approach, Microsoft is currently running an Azure Sentinel benefit for Microsoft 365 E5 customers.
From November 1, 2020, through May 1, 2021, Microsoft 365 E5 and Microsoft 365 E5 Security customers can get Azure credits for the cost of up to 100 MB per user per month of included Microsoft 365 data ingestion into Azure Sentinel. Data sources included in this benefit include:
Azure Active Directory (Azure AD) sign-in and audit logs.
Microsoft Cloud App Security shadow IT discovery logs.
Microsoft Information Protection logs.
Microsoft 365 advanced hunting data (including Microsoft Defender for Endpoint logs).
With these credits, a typical 3,500 seat deployment can see estimated savings of up to $1,500 per month. This offer is available to new and existing customers who have Enterprise (EA) or Enterprise Subscription (EAS) Agreements and Enrollments, and you can begin accruing credits in your first month of eligibility. You can learn more about the offer here.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are registered trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.