Showing posts from October, 2019

Overview of Azure Sentinel

On 26th Sept, Microsoft announced the general availability (GA) of 'Azure Sentinel', its cloud-born SIEM. Below are some of the key security-related facts you should be aware of.

Azure Sentinel is a cloud-based SIEM built with AI & ML that analyzes TBs of data in minutes and prompts you about any security-related inconsistency, followed by defining actions. Whether your applications, users, servers, and devices are hybrid, on-prem, or in any cloud other than Azure, all can be integrated using built-in connectors. It enables you to bring your own insights, tailored detections, machine learning models, and threat intelligence. You can configure alerts, playbooks, and logic app flows as your actions on detected threats.

Use cases

Clients whose applications involve frequent interaction with government officials may face the threat of malicious users stealing data. Accounts in such tenants may be brute-forced to gain privileged access. Using SIEM as a servic