Azure Sentinel

Sentinel is a security information and event management (SIEM) tool.

  • Step 1: Data Collection
  • Step 2: Aggregation and Normalization
  • Step 3: Analysis and Threat Detection
  • Step 4: Things Happen (Mostly Magic)
  • Step 5: Take Action

Benefits and Features

  • Behavioral Analytics - Sentinel uses artificial intelligence to learn if any detected behavior is unusual.
  • AWS Integration - Data from AWS services can be fed directly into Sentinel. This gives you a single approach to threat detection across your multi-cloud infrastructure.
  • Cloud Scale - Sentinel can take advantage of Azure's cloud scale and deliver more accurate results fast.
