Azure Sentinel, a born-in-the-cloud SIEM, was released in preview in February 2019 and reached full general availability in September 2019. However, an analysis of Sentinel's core components shows that it is a new product built from mature components such as Azure Monitor/Log Analytics, Logic Apps/Microsoft Flow, Jupyter Notebooks and the powerful query engine KQL.
The diagram below is a one-page view of the core Azure Sentinel components and how the various parts of a traditional SIEM infrastructure relate to them. We have also included some complementary services that are not part of Sentinel itself but are typically used in conjunction with it.
Contact us for a full walk-through of this diagram and a review of how Azure Sentinel addresses most of the challenges faced by the SIEM industry.
Azure Sentinel Design – High-Definition PDF Version