Microsoft Launches Azure Sentinel and Threat Experts, cloud-Based Cybersecurity Tools

Microsoft, an American multinational technology company, has launched two cloud-based security tools, Azure Sentinel and Threat Experts. These tools leverage artificial intelligence to assist security professionals in providing swift response to immediate threats.

Azure Sentinel, which is billed by Microsoft as a "cloud-native Security Information and Event Management tool," can pull in large amounts of data from other cloud-based services. The tool allows users to collect data from various sources which include applications, servers, and devices running on-premises or in the cloud. Azure Sentinel also enables users to integrate with existing tools like business applications, other security applications and products, and homegrown tools.

The platform provides an ability to the users to add their own machine-learning models, as well as tailored detection, and threat intelligence. The company is relying on the AI’s capability to reduce noise from legitimate events with integrated machine learning models and knowledge based on analyzing trillions of signals daily. The Azure Sentinel tool can accelerate proactive threat hunting with pre-built queries based on years of security experience, allowing users to view a prioritized list of alerts, get a correlated analysis of various security events, and predict the scope of each attack. Furthermore, the platform also supports open standards like Common Event Format and broad partner connections, which includes Microsoft Intelligent Security Association partners such as Check Point, Cisco, F5, Fortinet, Palo Alto, Symantec, and broader ecosystem partners like ServiceNow.

Microsoft’s second cloud-based tools, Threat Experts is a service within Windows defender ATP that provides managed hunting to assist in improving the capability of an organization’s security operations central team. The platform will allow Microsoft to analyze security data for the most critical threats, which includes hands-on-keyboard attacks, human adversary intrusions, and advanced attacks like cyber espionage. Threat Experts will help an organization’s security team in prioritizing the most critical risks.