This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
Microsoft Sentinel is a cloud-native security information and event management (SIEM) solution that helps you detect, investigate, and respond to threats across your enterprise. One of the key features of Microsoft Sentinel is its ability to integrate with various data sources, both from Microsoft and third-party providers, to collect and analyze security signals from your environment.
In this Ignite 2023 blog post, we are excited to share the latest new partner contributed integrations that are now available for Microsoft Sentinel. These integrations enable you to connect your existing security solutions with Microsoft Sentinel and leverage its powerful capabilities to enhance your security posture.
Cisco’s latest Microsoft Sentinel Integration delivers visualization, analysis, and representation of threat data captured by Cisco SD-WAN's security stack, including Cisco SD-WAN Security Logs, Events and NetFlow Data, supporting investigation, hunting, detection and enrichment scenarios for Microsoft Sentinel customers.
Commvault Security’s new integration brings security insights and alerts from Commvault/Metallic environments to Microsoft Sentinel to support and enable investigations, as well as remediation playbooks to help Microsoft Sentinel powered SOCs protect against and respond to ransomware and related threats in the data protection environment.
Corelight’s integration with Microsoft Sentinel now provides ASIM normalized data enabling more out of the box value to Sentinel customers. Corelight already supports ingestion of Zeek and Suricata data into Microsoft Sentinel, with custom workbooks, hunting queries and analytics. Corelight’s ASIM support allows rich out of the box Microsoft Sentinel Solutions, like the Network Session Essentials solution, to work automatically with Corelight data in customer's workspaces.
Vectra XDR Integration for Microsoft Sentinel brings insights and conclusions from Vectra Respond to Microsoft Sentinel enabling investigations with additional information in context.
New and Notable
Bitsight’s new Microsoft Sentinel solution brings Bitsight Risk monitoring insights to Microsoft Sentinel to inform investigations with Bitsight Security Ratings, findings, and tools (managing support requests, open cases, and IT services delivery).
Defend Limited has delivered a new solution bringing alerts and insights generated by the Atlassian Beacon threat detection engine for Atlassian Cloud for investigation and analysis in context within the Microsoft Sentinel experience.
Feedly’s new integration brings their AI-prioritized threat intelligence feed to Sentinel, delivering both IOC and contextual information about the indicators.
GreyNoise collects, analyzes, and labels data on IPs that scan the internet and saturate security tools with noise, and by bringing their curated threat intelligence to Microsoft Sentinel, helps analysts spend less time on irrelevant or harmless activity, and spend more time on targeted and emerging threats.
The Island Solution for Microsoft Sentinel enables events from Island Enterprise Browsers via the Island Management Console to be automatically shared with Microsoft Sentinel for real-time analysis.
Mimecast brings integrated information from Mimecast tenants via four new Microsoft Sentinel solutions, including event data and alerts enabling analysis and investigation, and extended detection via Mimecast Threat Intelligence.
- Mimecast Audit Logs for Microsoft Sentinel - Audit Logs from Mimecast Cloud Gateway
- Mimecast Cloud Gateway MTA - Mail Transfer Agent events from Mimecast's Cloud Gateway
- Mimecast Cloud Gateway Targeted Threat Protection - Targeted Threat Protection Logs from Mimecast Cloud Gateway
- Mimecast Cloud Gateway Threat Intel Regional Feed - Regional threat intelligence curated from Mimecast’s email inspection technologies
Nasuni’s solution integrates Nasuni’s Ransomware Protection Platform audit log information into Microsoft Sentinel to inform detection, investigation and remediation of ransomware and other related security events.
NetClean ProActive logs and alerts enable Microsoft Sentinel users to conduct more advanced and thorough investigations of incidents reported by NetClean ProActive. Microsoft Sentinel can provide additional and vital case info, such as extended data and analysis of the user and endpoint that triggered the incident, aiding both the internal investigation and collaboration with law enforcement.
The Recorded Future Threat Intelligence solution for Microsoft Sentinel automatically positions their differentiated threat intelligence data directly in Microsoft Sentinel, enabling new detections, faster triage and accurate decision-making.
The Wiz solution for Microsoft Sentinel enables ingestion of Wiz Issues, Vulnerability Findings, and Audit logs into Microsoft Sentinel, enabling the detection and prioritization of cloud security risks, across vulnerabilities, malware, internet exposure, identity analysis, data security and more through an agentless approach for AWS, Azure, Google Cloud, OCI, Alibaba, and Kubernetes.
These are just some of the more than 320 commercially supported Security Solutions that are now available for Microsoft Sentinel. In addition to commercially supported integrations, Microsoft Sentinel Content Hub also connects you to hundreds of community-based solutions as well as thousands of practitioner contributions. You can find more details and instructions on how to set up these integrations via Content Hub in Microsoft Sentinel.
To our partners: Thank you for your continued partnership and invaluable input on this journey to deliver the most comprehensive, timely insights and security value to our mutual customers. Security is very much a team sport and we are glad to be working together.
We hope you find these new partner solutions useful, and we look forward to hearing your feedback and suggestions. Stay tuned for more updates and announcements on Microsoft Sentinel and its partner ecosystem.
Microsoft is committed to empowering our customers with modern security tools and platforms to enable critical protection for your organization and users. See additional resources below.
What else is new with Microsoft Sentinel?
- Microsoft Sentinel solution for Power Platform
- Enrichment Widgets
- What’s new in Microsoft Sentinel for ISVs
- Unified platform documentation: Aka.ms/unifiedsiemxdrdocs
- SIEM and XDR Solutions | Microsoft Security
- Microsoft Sentinel: https://aka.ms/microsoftsentinel
- Latest announcements: Microsoft Sentinel Blog - Microsoft Tech Community
- Microsoft Sentinel solution for SAP: Microsoft Sentinel solution for SAP® applications – SAP Monitoring | Microsoft Azure
- Microsoft Sentinel pricing: Microsoft Sentinel Pricing | Microsoft Azure
- Microsoft Customer Stories
- Microsoft Sentinel documentation | Microsoft Learn
- Private preview community