Microsoft this week announced the general availability of Azure Sentinel, a cloud-based security information and event management (SIEM) platform aimed at identifying and blocking threats.
Designed for enterprises of all sizes and workloads, Azure Sentinel was launched in February in public preview to help security teams improve the security posture of their organizations. The cloud-native SIEM tackles modern threats by leveraging artificial intelligence.
The tool provides support for integration with security products from multiple vendors, including Check Point, Cisco, F5 Networks, Symantec, Palo Alto Networks and Fortinet.
Organizations are also offered the possibility to import data from Office 365 audit logs, Azure activity logs, and alerts from Microsoft Threat Protection solutions.
With many organizations looking to move applications and workloads into the cloud, they need a new approach to ensure proper security of data, including the adoption of machine learning and new technologies for process automation and orchestration.
Being powered by the cloud, Azure Sentinel aims to deliver both speed and scale, while also offering cost-effectiveness, with predictable billing and flexible commitments, Microsoft notes.
The SIEM platform can not only reduce costs associated with traditional on-premises SIEMs, but also save time spent on deployment and maintenance.
Because it allows customers to automatically scale resources as they need, it reduces infrastructure costs. Furthermore, with capacity reservation tiers, customers can save up to 60% compared to pay-as-you-go pricing plans, the company says.
Related: Microsoft Unveils New Azure, Windows Defender ATP Tools
Related: Microsoft Makes Azure Security Center for IoT Generally Available