What is Microsoft Sentinel?
7 quick facts to help you understand how Sentinel can help you secure your environment 👇
7 quick facts to help you understand how Sentinel can help you secure your environment 👇
1) Azure Sentinel is a Microsoft cloud-based SIEM solution that collects data from multiple sources (Microsoft Azure, M365, AWS, GCP, on-premises services).
2) Use Sentinel to collect, detect, investigate, and respond to security alerts for both on-premises and cloud systems.
3) It offers 130 data connectors, allowing easy ingestion of data, and stores data in Log Analytics.
4) Kusto Query Language (KQL) is used to query data and create dashboards and visualizations.
5) It provides alerts in different forms (email, SMS, Teams channel, work item in project management tool) and allows automating responses to detected incidents.
6) It allows correlation between different data types to detect multistage attacks.
7) Log Analytics allows storing data for up to two years, which aligns with industry standards, and longer term storage can be achieved by sending data to a Storage Account (up to 7 years).
Check out the full article on Microsoft Sentinel at Petri.com petri.com/what-is-micros… #Microsoft #CloudComputing #cloudsecurity
• • •
Missing some Tweet in this thread? You can try to
force a refresh
