Azure Sentinel Preview
Standing watch, by your side. Intelligent security analytics for your entire enterprise.
Build next-generation security operations with cloud and AI
See and stop threats before they cause harm, with SIEM reinvented for a modern world. Azure Sentinel is your bird's-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs.
Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft.
Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft.
Respond to incidents rapidly with built-in orchestration and automation of common tasks.
Limitless cloud speed and scale
Invest in security, not infrastructure setup and maintenance, with the first cloud-native SIEM from a major cloud provider. Never again let a storage limit or a query limit prevent you from protecting your enterprise. Start using Azure Sentinel immediately, automatically scale to meet your organizational needs, and only pay for the resources you need.
AI on your side
Focus on finding real threats quickly. Reduce noise from legitimate events with built-in machine learning and knowledge based on analyzing trillions of signals daily. Accelerate proactive threat hunting with pre-built queries based on years of security experience. View a prioritized list of alerts, get correlated analysis of thousands of security events within seconds, and visualize the entire scope of every attack. Simplify security operations and speed up threat response with integrated automation and orchestration of common tasks and workflows.
See how Microsoft drives deep insights based on trillions of signals every day
Free Office 365 data import
Connect with data from your Microsoft products in just a few clicks, import Office 365 data for free, and analyze and draw correlations to deepen your intelligence.
A match for all your tools
Connect to and collect data from all your sources including users, applications, servers, and devices running on-premises or in any cloud. Integrate with existing tools, whether business applications, other security products, or home-grown tools, and use your own machine-learning models. Optimize for your needs by bringing your own insights, tailored detections, machine learning models, and threat intelligence.
Azure Sentinel preview is free
There will be no charges specific to Azure Sentinel during the preview. Pricing for Azure Sentinel will be announced in the future and a notice will be provided prior to the end of the preview. Should you choose to continue using Azure Sentinel after the notice period, you will be billed at the applicable rates.
Data import from Office 365 is free. You need to be a licensed customer of Office 365 for this data import. Even during preview, additional charges may be incurred related to data ingestion, automation workflows or customization of machine learning models.
Get started in three steps
Documentation and quickstarts
Start using the Azure Sentinel preview
Learn how to connect Microsoft services and third-party data sources like servers, network equipment, and security appliances including firewalls.
View and analyze your aggregated data
Get instant visualization and insights across all your connected data sources using the built-in dashboards.
Start hunting to preempt attacks
Hunt down security threats across your organization’s logs using powerful search and query tools.
Frequently asked questions about Azure Sentinel
Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds. It includes built-in connectors for easy onboarding of popular security solutions. Collect data from any source with support for open standard formats like CEF and Syslog.
Yes, Azure Sentinel is built on the Azure platform. It provides a fully integrated experience in the Azure portal to augment your existing services, such as Azure Security Center and Azure Machine Learning service. Create your Azure free account to get started.
Azure Sentinel integrates with many enterprise tools, including best-of-breed security products, homegrown tools, and other systems like ServiceNow. It provides an extensible architecture to support custom collectors through REST API and advanced queries. It enables you to bring your own insights, tailored detections, machine learning models, and threat intelligence.