Microsoft introduces two new cybersecurity services: Azure Sentinel and Microsoft Threat Experts

Kip Kniskern

Cybersecurity is quickly becoming a huge problem for business, as cyber attacks large and small not only compromise data and steal money and secrets but also cost companies time and money to fight. Companies move their data, their servers, and their software into the cloud not only to save warehouse space but to gain from connecting services together. Today Microsoft is offering two new services to do the same for cybersecurity, allowing companies to spend less time wading through “the noise, false alarms, and time consuming tasks,” and more time securing their data from threats.

Azure Sentinel, a new offering from Microsoft in preview today, “helps empower SecOps teams to keep their organizations safe by harnessing the power, simplicity and extensibility of Azure to analyze data from Microsoft 365 and security solutions from other vendors,” Ann Johnson, CVP for Cybersecurity Solutions at Microsoft, wrote today in a blog post. Early adopters of the program have seen an overall reduction of “up to 90 percent in alert fatigue,” by using AI to filter out the noise.

Azure Sentinel

Instead of relying on tools built in-house or cobbled together by harried security teams, Microsoft is offering a cloud solution built from the ground up, bringing with it many of the same benefits companies see from other cloud endeavors: speed, scale, cost and management savings, and the power of Microsoft standing behind it:

Because it’s built on Azure you can take advantage of nearly limitless cloud speed and scale and invest your time in security and not servers. In just a few clicks you can bring in your Microsoft Office 365 data for free and combine it with your other security data for analysis.
Azure Sentinel is the product of Microsoft’s close partnership with customers on their journey to digital transformation. We worked hand in hand with dozens of customers and partners to rearchitect a modern security tool built from the ground up to help defenders do what they do best – solve complex security problems. Early adopters are finding that Azure Sentinel reduces threat hunting from hours to seconds.

Microsoft is also introducing Microsoft Threat Experts, a coordinated way for companies, through Windows Defender ATP (Advanced Threat Protection), to extend the capabilities of a security operations center team:

Microsoft will proactively hunt over your anonymized security data for the most important threats, such as human adversary intrusions, hands-on-keyboard attacks, and advanced attacks like cyberespionage—helping your team prioritize the most important risks and respond quickly. The service also provides world-class expertise on demand. With the new “Ask a Threat Expert” button, your security operations team can submit questions directly in the product console.

Microsoft doesn’t benefit if its customers are overwhelmed by trying to defend themselves instead of advancing their businesses, and while we’ll probably never see an end to cyber attacks both large and small, hopefully these efforts and others will help.