Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Microsoft Unveils New Azure, Windows Defender ATP Tools

Microsoft on Thursday unveiled two new cloud-based security products and services — Microsoft Azure Sentinel and Microsoft Threat Experts — designed to make it easier for security teams to do their job.

Microsoft on Thursday unveiled two new cloud-based security products and services — Microsoft Azure Sentinel and Microsoft Threat Experts — designed to make it easier for security teams to do their job.

The tech giant says security teams are often overwhelmed by threats and alerts. These alerts can turn out to be false positives, but by the time they figure it out, security staff may have already spent a significant amount of time investigating the potential threat.

Microsoft Azure Sentinel aims to address this by providing a cloud-based security information and event management (SIEM) platform that leverages artificial intelligence to help identify and block threats while reducing the workload of security teams.

“With AI on your side it helps reduce noise drastically—we have seen an overall reduction of up to 90 percent in alert fatigue with early adopters. Because it’s built on Azure you can take advantage of nearly limitless cloud speed and scale and invest your time in security and not servers,” Microsoft said.

Azure Sentinel

Available in preview from the Azure portal, Azure Sentinel can be integrated with security platforms and productivity tools from other vendors, including Check Point, Cisco, F5 Networks, Symantec, Palo Alto Networks and Fortinet. It also allows users to easily combine their Office 365 data with security data for analysis.

As for Microsoft Threat Experts, the company says it’s a new service within Windows Defender ATP that provides experts who can extend the capabilities of an organization’s security operations center.

“Through this service, Microsoft will proactively hunt over your anonymized security data for the most important threats, such as human adversary intrusions, hands-on-keyboard attacks, and advanced attacks like cyberespionage—helping your team prioritize the most important risks and respond quickly,” Microsoft explained.

Through this service, users are also provided an “Ask a threat expert” button that they can use to submit questions to Microsoft’s experts.

Microsoft Threat Experts is also available in preview mode and it can be activated from the Windows Defender ATP settings.

Related: Microsoft Launches Azure DevOps Bug Bounty Program

Related: Microsoft Adds New Tools to Azure DDoS Protection

Related: Microsoft Enhances Windows Defender ATP

Related: Microsoft Boosts Azure Security With Array of New Tools

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.