Today, Microsoft officially launched Sentinel All-in-One v2. It’s been over two years since the company debuted the first version.
For those not conversant with Microsoft Sentinel, Microsoft defines it as follows:
Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.
As for Microsoft Sentinel All-in-One, it’s a product designed to help both customers and clients “quickly set up a full-fledged Microsoft Sentinel environment that is ready to use by customers speeding up deployment and initial configuration tasks in few clicks, saving time and simplifying Microsoft Sentinel setup”.
The new version automates several deployment and configuration steps. For instance, Microsoft Sentinel All-in-One v2 enables Microsoft Sentinel on top of the workspace, turns on health diagnostics for Analytics Rules, Data Connectors and Automation Rules, enables User and Entity Behavior Analytics (UEBA) with the relevant identity providers (AAD and/or AD), and more.
Be sure to visit Microsoft’s Tech Community post for more details regarding the enhancements that ship with this update. It’s worth noting that you’ll need an Azure Subscription alongside an account with permissions to access this product. However, users who need to enable UEBA or the supported connectors will require higher privileges.