Microsoft has built a new security tool, Azure Sentinel, on top of its existing Log Analytics product. It is in preview at the moment.
So what is Sentinel?
It is a SIEM (Security Information and Event Management) with built-in AI analytics from the Microsoft cloud. You can collect any kind of event, warning, error, or plain log, and use the big data dashboard engine to create dynamic reports. For example:
We can collect events from Azure services, obviously, but also from on-premises Windows or Linux servers, syslog devices, firewalls, Microsoft SCOM, etc.
Once the data is there, we can visualize it. The data query engine is quite powerful, with many help guides and examples provided.
Alternatively, you can use pre-built dashboards, such as the one for Fortinet and many others.
The pricing depends on the volume of events sent to Azure. All Office 365 events are free.
Welcome to a secure future!