SlideShare a Scribd company logo

Introduction to Azure Sentinel

A
arnaudlh

Microsoft Azure Sentinel is a cloud-native SIEM solution designed to enhance security operations by leveraging AI and integrating with existing tools. It enables organizations to collect, detect, and respond to threats at scale, significantly reducing alert fatigue and operational costs. Azure Sentinel allows users to harness Microsoft's extensive threat intelligence and machine learning capabilities to prioritize incidents and automate responses, improving overall security posture.

Technology
1 of 22
Downloaded 107 times
1
2
3
4
5
6
7
8
Most read
9
10
11
12
13
14
15
16
17
18
19
Most read
20
21
Most read
22
Microsoft Azure Sentinel Arnaud Lheureux Cloud Chief Security Officer One Commercial Partner Microsoft APAC Twitter: @arnaudLheureux
Security Operations Team Expanding digital estate
Too many disconnected products High volume of noisy alerts Security skills in short supplyLack of automation Rising infrastructure costs and upfront investment IT deployment & maintenance Sophistication of threats Traditional SOC Challenges
Cloud + Artificial Intelligence Security Operations Team
Introducing Microsoft Azure Sentinel Collect DetectRespond Limitless cloud speed and scale Faster threat protection with AI by your side Bring your Office 365 data for Free Easy integration with your existing tools Investigate Cloud-native SIEM for intelligent security analytics for your entire enterprise Security data across your enterprise Rapidly and automate protection Threats with vast threat intelligence and AI Critical incidents guided by AI
Microsoft Security Advantage $1B annual investment in cybersecurity 3500+ global security experts Trillions of diverse signals for unparalleled intelligence
Limitless cloud speed and scale
Focus on security, unburden SecOps from IT tasks © Microsoft Corporation Azure No infrastructure setup or maintenance SIEM Service available in Azure portal Scale automatically, put no limits to compute or storage resources
Reduce security and IT costs No infrastructure costs or upfront commitment Only pay for what you use Bring your Office 365 Data for free Cloud-native, scalable SIEM
Integrate with existing tools and data sources
Pre-wired integration with Microsoft solutions Connectors for many partner solutions Standard log format support for all sources Collect security data at cloud scale from all sources across your enterprise Proven log platform with more than 10 petabytes of daily ingestion Microsoft 365
Bring your own insights, machine learning models, and threat intelligence Tap into our security community to build on detections, threat intelligence, and response automation. Optimize for your needs © Microsoft Corporation Azure Bring your own ML Models & Threat Intelligence Security Community
Demo Overview dashboard and data collection © Microsoft Corporation Azure
AI by your side
Correlated rules User Entity Behavior Analysis integrated with Microsoft 365 Bring your own ML models Pre-built Machine Learning models Threat Detection and Analysis ML models based on decades of Microsoft security experience and learnings Millions of signals filtered to few correlated and prioritized incidents Insights based on vast Microsoft threat intelligence and your own TI Reduce alert fatigue by up to 90% Detect threats and analyze security data quickly with AI
Investigate threats with AI and hunt suspicious activities at scale, tapping into years of cybersecurity work at Microsoft © Microsoft Corporation Azure Get prioritized alerts and automated expert guidance Visualize the entire attack and its impact Hunt for suspicious activities using pre-built queries and Azure Notebooks
Respond rapidly with built-in orchestration and automation Build automated and scalable playbooks that integrate across tools ! Security Products Ticketing Systems (ServiceNow) Additional tools
Demo Threat detection, investigation and response © Microsoft Corporation Azure
Sentinel In a nutshell © Microsoft Corporation Azure Microsoft Services Analyze & Detect Investigate & Hunt Automate & Orchestrate Response Visibility Data Ingestion Data Repository Data Search Enrichment IntegrateCollect
What our partners and early adopters say about Azure Sentinel © Microsoft Corporation Azure “Azure Sentinel provides a unique and cloud centric security incident and event management solution that is both simple to deploy and able to manage complex hybrid customer environments.” Jeff Dunmall Executive Vice President of Global Managed Services “My team has the upper hand with Azure Sentinel. I get unbridled capacity, and the built-in AI and threat intelligence based on Microsoft’s years of cybersecurity experience really helps my team focus on keeping our clients secure vs managing infrastructure and threat feeds”. Andrew Winkelmann Global Security Consulting Practice Lead
Take actions today- Get started with Sentinel Connect data sources To learn more, visit https://aka.ms/AzureSentinel Start Microsoft Azure trial Open Azure Sentinel preview dashboard in Azure Portal
Thanks for your attention! Arnaud Lheureux, CISSP, CCSP https://aka.ms/arnaud Twitter : @arnaudLheureux

More Related Content

PDF
Microsoft Azure Sentinel
BGA Cyber Security
 
PPTX
Azure sentinel
Marius Sandbu
 
PDF
introduction to Azure Sentinel
Robert Crane
 
PPTX
Azure Sentinel
Cheah Eng Soon
 
PPTX
Microsoft Sentinel Deployment V1.pptx
saadatali65
 
PPTX
Azure Sentinel Jan 2021 overview deck
Matt Soseman
 
PDF
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
Kranthi Aragonda
 
PPTX
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
 
Microsoft Azure Sentinel
BGA Cyber Security
 
Azure sentinel
Marius Sandbu
 
introduction to Azure Sentinel
Robert Crane
 
Azure Sentinel
Cheah Eng Soon
 
Microsoft Sentinel Deployment V1.pptx
saadatali65
 
Azure Sentinel Jan 2021 overview deck
Matt Soseman
 
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
Kranthi Aragonda
 
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
 

What's hot (20)

PPTX
Azure Sentinel.pptx
Mohit Chhabra
 
PPTX
SEIM-Microsoft Sentinel.pptx
AmrMousa51
 
PPTX
Microsoft Defender for Endpoint
Cheah Eng Soon
 
PDF
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
PDF
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
PPTX
Security operation center (SOC)
Ahmed Ayman
 
PPTX
Splunk Phantom SOAR Roundtable
Splunk
 
PPTX
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Vignesh Ganesan I Microsoft MVP
 
PPTX
cyber-security-reference-architecture
Birendra Negi ☁️
 
PDF
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
PPTX
Microsoft Defender for Endpoint Overview.pptx
BenAissaTaher1
 
PDF
Microsoft Zero Trust
David J Rosenthal
 
PDF
Azure Sentinel
Kumton Suttiraksiri
 
PDF
Azure Sentinel Tips
Mario Worwell
 
PPTX
Azure active directory
Raju Kumar
 
PPTX
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
PDF
Microsoft 365 Compliance and Security Overview
David J Rosenthal
 
PPTX
SIEM presentation final
Rizwan S
 
PDF
Microsoft Azure Security Overview
Alert Logic
 
PDF
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Azure Sentinel.pptx
Mohit Chhabra
 
SEIM-Microsoft Sentinel.pptx
AmrMousa51
 
Microsoft Defender for Endpoint
Cheah Eng Soon
 
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Security operation center (SOC)
Ahmed Ayman
 
Splunk Phantom SOAR Roundtable
Splunk
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Vignesh Ganesan I Microsoft MVP
 
cyber-security-reference-architecture
Birendra Negi ☁️
 
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
Microsoft Defender for Endpoint Overview.pptx
BenAissaTaher1
 
Microsoft Zero Trust
David J Rosenthal
 
Azure Sentinel
Kumton Suttiraksiri
 
Azure Sentinel Tips
Mario Worwell
 
Azure active directory
Raju Kumar
 
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Microsoft 365 Compliance and Security Overview
David J Rosenthal
 
SIEM presentation final
Rizwan S
 
Microsoft Azure Security Overview
Alert Logic
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Ad

Similar to Introduction to Azure Sentinel (20)

PPTX
TechTalksUtah-Sentinel-20191108.pptx
JustineGarcia32
 
PDF
SBA Security Meetup - Deploying and managing azure sentinel as code by Bojan ...
SBA Research
 
PPTX
Azure Sentinel with Office 365
Cheah Eng Soon
 
PPTX
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
PDF
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Prometix Pty Ltd
 
PPTX
Adam ochs sentinel
Adam Ochs
 
PPTX
Microsoft Sentinel and Its Components.pptx
Infosectrain3
 
PDF
Azure Day Rome Reloaded 2019 - Azure Sentinel: set up automated threat respon...
azuredayit
 
PPTX
SC-900 Capabilities of Microsoft Security Solutions
FredBrandonAuthorMCP
 
PPTX
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Tom Janetscheck
 
PDF
L400-P1 Overview.pdf
FadhilMuhammad80
 
PDF
Azure Security Overview
David J Rosenthal
 
PPTX
Remediate and secure your organization with azure sentinel
Samik Roy
 
PDF
Nicholas DiCola | Secure your IT resources with Azure Security Center
Microsoft Österreich
 
PDF
7 Experts on Implementing Azure Sentinel
Mighty Guides, Inc.
 
PDF
do you want to know about what is Microsoft Sentinel.pdf
amilsaifi5
 
PPTX
Protect Office 365 with Azure Sentinel
Nanddeep Nachan
 
PDF
Azure Security Center
Microsoft
 
PPTX
Power of the cloud - Introduction to azure security
Bruno Capuano
 
PPTX
Power of the Cloud - Introduction to Microsoft Azure Security
Adin Ermie
 
TechTalksUtah-Sentinel-20191108.pptx
JustineGarcia32
 
SBA Security Meetup - Deploying and managing azure sentinel as code by Bojan ...
SBA Research
 
Azure Sentinel with Office 365
Cheah Eng Soon
 
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Prometix Pty Ltd
 
Adam ochs sentinel
Adam Ochs
 
Microsoft Sentinel and Its Components.pptx
Infosectrain3
 
Azure Day Rome Reloaded 2019 - Azure Sentinel: set up automated threat respon...
azuredayit
 
SC-900 Capabilities of Microsoft Security Solutions
FredBrandonAuthorMCP
 
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Tom Janetscheck
 
L400-P1 Overview.pdf
FadhilMuhammad80
 
Azure Security Overview
David J Rosenthal
 
Remediate and secure your organization with azure sentinel
Samik Roy
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Microsoft Österreich
 
7 Experts on Implementing Azure Sentinel
Mighty Guides, Inc.
 
do you want to know about what is Microsoft Sentinel.pdf
amilsaifi5
 
Protect Office 365 with Azure Sentinel
Nanddeep Nachan
 
Azure Security Center
Microsoft
 
Power of the cloud - Introduction to azure security
Bruno Capuano
 
Power of the Cloud - Introduction to Microsoft Azure Security
Adin Ermie
 
Ad

Recently uploaded (20)

PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
KodekX | Application Modernization Development
KodekX
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Cloud computing and distributed systems.
kkkkkhan
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Teaching material agriculture food technology
LiaRayya
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 

Introduction to Azure Sentinel

  • 1. Microsoft Azure Sentinel Arnaud Lheureux Cloud Chief Security Officer One Commercial Partner Microsoft APAC Twitter: @arnaudLheureux
  • 3. Too many disconnected products High volume of noisy alerts Security skills in short supplyLack of automation Rising infrastructure costs and upfront investment IT deployment & maintenance Sophistication of threats Traditional SOC Challenges
  • 4. Cloud + Artificial Intelligence Security Operations Team
  • 5. Introducing Microsoft Azure Sentinel Collect DetectRespond Limitless cloud speed and scale Faster threat protection with AI by your side Bring your Office 365 data for Free Easy integration with your existing tools Investigate Cloud-native SIEM for intelligent security analytics for your entire enterprise Security data across your enterprise Rapidly and automate protection Threats with vast threat intelligence and AI Critical incidents guided by AI
  • 6. Microsoft Security Advantage $1B annual investment in cybersecurity 3500+ global security experts Trillions of diverse signals for unparalleled intelligence
  • 8. Focus on security, unburden SecOps from IT tasks © Microsoft Corporation Azure No infrastructure setup or maintenance SIEM Service available in Azure portal Scale automatically, put no limits to compute or storage resources
  • 9. Reduce security and IT costs No infrastructure costs or upfront commitment Only pay for what you use Bring your Office 365 Data for free Cloud-native, scalable SIEM
  • 10. Integrate with existing tools and data sources
  • 11. Pre-wired integration with Microsoft solutions Connectors for many partner solutions Standard log format support for all sources Collect security data at cloud scale from all sources across your enterprise Proven log platform with more than 10 petabytes of daily ingestion Microsoft 365
  • 12. Bring your own insights, machine learning models, and threat intelligence Tap into our security community to build on detections, threat intelligence, and response automation. Optimize for your needs © Microsoft Corporation Azure Bring your own ML Models & Threat Intelligence Security Community
  • 13. Demo Overview dashboard and data collection © Microsoft Corporation Azure
  • 14. AI by your side
  • 15. Correlated rules User Entity Behavior Analysis integrated with Microsoft 365 Bring your own ML models Pre-built Machine Learning models Threat Detection and Analysis ML models based on decades of Microsoft security experience and learnings Millions of signals filtered to few correlated and prioritized incidents Insights based on vast Microsoft threat intelligence and your own TI Reduce alert fatigue by up to 90% Detect threats and analyze security data quickly with AI
  • 16. Investigate threats with AI and hunt suspicious activities at scale, tapping into years of cybersecurity work at Microsoft © Microsoft Corporation Azure Get prioritized alerts and automated expert guidance Visualize the entire attack and its impact Hunt for suspicious activities using pre-built queries and Azure Notebooks
  • 17. Respond rapidly with built-in orchestration and automation Build automated and scalable playbooks that integrate across tools ! Security Products Ticketing Systems (ServiceNow) Additional tools
  • 18. Demo Threat detection, investigation and response © Microsoft Corporation Azure
  • 19. Sentinel In a nutshell © Microsoft Corporation Azure Microsoft Services Analyze & Detect Investigate & Hunt Automate & Orchestrate Response Visibility Data Ingestion Data Repository Data Search Enrichment IntegrateCollect
  • 20. What our partners and early adopters say about Azure Sentinel © Microsoft Corporation Azure “Azure Sentinel provides a unique and cloud centric security incident and event management solution that is both simple to deploy and able to manage complex hybrid customer environments.” Jeff Dunmall Executive Vice President of Global Managed Services “My team has the upper hand with Azure Sentinel. I get unbridled capacity, and the built-in AI and threat intelligence based on Microsoft’s years of cybersecurity experience really helps my team focus on keeping our clients secure vs managing infrastructure and threat feeds”. Andrew Winkelmann Global Security Consulting Practice Lead
  • 21. Take actions today- Get started with Sentinel Connect data sources To learn more, visit https://aka.ms/AzureSentinel Start Microsoft Azure trial Open Azure Sentinel preview dashboard in Azure Portal
  • 22. Thanks for your attention! Arnaud Lheureux, CISSP, CCSP https://aka.ms/arnaud Twitter : @arnaudLheureux