Azure Sentinel
Sentinel is a security information and event management (SIEM) tool.
Step 1: Data Collection
Step 2: Aggregation and Normalization
Step 3: Analysis and Threat Detection
Step 4: Things Happen (Mostly Magic)
Step 5: Take Action
Benefits and Features
- Behavioral Analytics - Sentinel uses artificial intelligence to learn if any detected behavior is unusual.
- AWS Integration - Data from AWS services can be fed directly into Sentinel. This gives you one approach for threat detection across your multi-cloud infrastructure.
- Cloud Scale - Sentinel can take advantage of the Azure cloud scale and deliver more accurate results fast.