Microsoft Azure Sentinel is a scalable, cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. It’s your bird’s-eye view of the enterprise, alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.
Security and Compliance
Sentinel is a security information and event management (SIEM) software product.
Log collection (NOT real-time analysis)
Event correlation and incident investigation
Compliance and incident response capabilities
Automated responses to alerts and threats via Playbooks
Threat hunting - proactive investigations
Ingest logs from almost any server source, including alerts from a cloud access security broker (CASB)
Robust dashboards that have *some* overlap with CASB capabilities such as password attacks, AI analysis and more.