Skip to main content
IN PREVIEW

Azure Sentinel launches new analytics, threat intelligence, and data collection features

Published date: September 22, 2020

Azure Sentinel, a cloud-native Security Information and Event Management (SIEM) solution, is helping organizations modernize security operations. New analytics, threat intelligence and data collection capabilities empower defenders to combat rapidly evolving threats with increased efficiency.

The latest innovations include:

  • Built-in behavioral analytics powered by Microsoft s proven User and Entity Behavior Analyitcs (UEBA) platform, which helps identify anomalies and extract behavioral insights for threat hunting and detection. Insights are aggregated across multiple data sources to provide a unified host or user profile. For customers that want to bring their own ML models for advanced data analysis, Azure Sentinel now integrates with Azure Machine Learning Jupyter notebooks and offers a framework and cloud-scale data pipeline for ML using Azure Databricks.
  • Bring your own Machine Learning. For customers that want to bring their own ML models for advanced data analysis, Azure Sentinel now integrates with Azure Machine Learning Jupyter notebooks and offers a framework and cloud-scale data pipeline for ML using Azure Databricks.
  • Improvements that make it easier for customers to manage threat intelligence, including the ability to search, add and track threat indicators, and create watchlists for threat hunting and detection (e.g., restricted IPs, trusted systems, critical assets, risky users, vulnerable hosts).
  • New data connectors, including for Microsoft Teams, Microsoft 365, and other clouds and data collection pipelines.

Visit the Azure Sentinel Documentation.

Learn more in the Azure Sentinel blog.

  • Microsoft Sentinel
  • Security

Related Products