Seemingly in homage to former CEO Steve Ballmer's infamous "Developers! Developers! Developers!" keynote chant, Microsoft seems to be repeatedly beating the drum of cloud protections through a "Security! Security! Security!" typed of mindset as of late.
To that end, Microsoft announced earlier this week that Azure Sentinel, the company's cloud-native SIEM is now generally available. Azure Sentinel represents Microsoft's intelligent security analytics platform designed for scale at a cloud-level and specifically targetting various sized enterprises and workloads.
Recent research tells us that 70 percent of organizations continue to anchor their security analytics and operations with SIEM systems, and 82 percent are committed to moving large volumes of applications and workloads to the public cloud. Security analytics and operations technologies must lean in and help security analysts deal with the complexity, pace, and scale of their responsibilities. To accomplish this, 65 percent of organizations are leveraging new technologies for process automation/orchestration, while 51 percent are adopting security analytics tools featuring machine learning algorithms. This is exactly why we developed Azure Sentinel—
an SIEM re-invented in the cloud to address the modern challenges of security analytics.
In cultivating Azure Sentinel, Microsoft worked with partners to gain feedback from over 12,000 customers and two petabytes of data analysis to create a solution that empowers customers to defend their infrastructures with more efficiently.
In a new blog added to Microsoft Security, the company shares details about how successful some of its partners have already become successful with their own anecdotes of Azure Sentinel usage.
With these design partners, we’ve continued our innovation in Azure Sentinel. It starts from the ability to connect to any data source, whether in Azure or on-premises or even other clouds. We continue to add new connectors to different sources and more machine learning-based detections. Azure Sentinel will also integrate with Azure Lighthouse service, which will enable service providers and enterprise customers with the ability to view Azure Sentinel instances across different tenants in Azure.
For now, Azure Sentinel is in public preview and in general availability for anyone in charge of their company's more traditional SIEM's while also looking for a more cost-effective solution. For anyone still up in the air about Azure Sentinel, Microsoft will be hosting an Azure Security Expert Series tomorrow September 26, 2019, from 10-11 AM Pacific Time and signs are here.