Azure Sentinel achieves a Leader placement in Forrester Wave, with top ranking in Strategy
I’m thrilled to announce Forrester Research has named Microsoft Azure Sentinel as a “Leader” in The Forrester Wave™: Security Analytics Platform Providers, Q4 2020. When we released Azure Sentinel almost a year ago—
The Azure Sentinel vision
We are especially honored to see that Azure Sentinel received the top ranking in the “Strategy” category because one of our core values is to enable SecOps teams to do more with less by offering a different path forward than traditional, on-premises SIEMs. The key lies in Azure Sentinel’s cloud-native nature. For many of our customers, moving to the cloud has been a transformative change. At Avanade, for example, moving to Azure Sentinel enabled the security team to shift their focus from on-premises management and instead spend time on strategic work to make their organization safer. As a cloud-native SIEM, Azure Sentinel makes it easy to deploy, scale, and use. You can collect, correlate, and analyze data across users, devices, applications, and infrastructure at cloud scale—
Most importantly, by eliminating the infrastructure and maintenance of an on-premises SIEM, you empower your team to focus on what’s most important: protecting your organization.
Azure Sentinel helps you detect and investigate threats more efficiently by harnessing AI. Azure Sentinel uses a technique called Fusion to find threats that fly under the radar by combining low-fidelity “yellow” anomalous activities into high-fidelity “red” incidents. Fusion combines data from disparate data sets across both Microsoft and partner data sources, then uses graph-based machine learning and a probabilistic kill chain to produce high-fidelity alerts. This process reduces alert fatigue by 90 percent, ensuring that SecOps teams spend time only on real, actionable alerts. Integrated automation further optimizes your team’s time by automating responses to common tasks.
With these innovations, we’ve helped our customers protect their organizations more efficiently—
Our goals are not limited to transforming the SIEM market. In September, we shared our vision for how organizations can fight threats in today’s complex landscape with integrated SIEM and Extended Detection and Response (XDR) from a single vendor. With this combination, you get the best of both worlds—
Just getting started
We’re constantly working with partners and customers on ways to improve Azure Sentinel—
- User and Entity Behavioral Analytics (UEBA), to pinpoint unknown and insider threats.
- The ability to build your own ML models.
- Threat Intelligence improvements, including threat indicator management.
- Watchlists to eliminate time-consuming manual analysis of external data sources, enabling you to correlate security events with other non-security data sources.
- Many new connectors to simplify data collection.
We have no plans to slow down. With innovations still to come, the best days of Azure Sentinel are still ahead of us.
In the meantime, Azure Sentinel’s performance in the Forrester Wave is an encouraging sign that we’re on the right track with our journey to streamline and strengthen your security—
To all our customers, thanks for coming with us on this journey. Keep the feedback coming—
Click here to read a courtesy copy of The Forrester Wave™: Security Analytics Platform Providers, Q4 2020.
If you’re ready to get started with Azure Sentinel, we invite you to sign up for a trial today.
With integrated SIEM and XDR, you get the best of both worlds. To help you take advantage of this integrated security approach, Microsoft is currently running an Azure Sentinel benefit for Microsoft 365 E5 customers.
From November 1, 2020, through May 1, 2021, Microsoft 365 E5 and Microsoft 365 E5 Security customers can get Azure credits for the cost of up to 100 MB per user per month of included Microsoft 365 data ingestion into Azure Sentinel. The benefit covers these data sources:
- Azure Active Directory (Azure AD) sign-in and audit logs.
- Microsoft Cloud App Security shadow IT discovery logs.
- Microsoft Information Protection logs.
- Microsoft 365 advanced hunting data (including Microsoft Defender for Endpoint logs).
With these credits, a standard 3,500-seat deployment can see estimated savings of up to $1,500 per month. This offer is available to new and existing customers who have Enterprise (EA) or Enterprise Subscription (EAS) Agreements and Enrollments, and you can begin accruing credits in your first month of eligibility. You can learn more about the offer here.
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
This article was written by Eric Doerr, Vice President of Cloud Security at Microsoft and originally appeared in Microsoft’s Security Blog.