Microsoft Security Azure Sentinel Blog Mobile Microsoft Security Azure Sentinel Blog

Managed Sentinel Blog

Gain insight into the latest trends and tricks with Microsoft Azure Sentinel. As a recognized leader in consulting & implementation, Managed Sentinel offers a unique perspective on the current state, and future, of this SEIM tool.

Jan 19, 2020

AWS CloudWatch to Azure Sentinel

While talking about Azure Sentinel with cybersecurity professionals we do get the occasional regretful comment on how Sentinel sounds like a great product but their organization has invested significantly in AWS services so implicitly, Sentinel is out-of-scope of potential security controls for their infrastructure. AWS offers the CloudWatch service that is able to collect performance […]

Read More
AWS CloudWatch to Azure Sentinel
Oct 25, 2019

SIEM: Traditional vs Cloud

This article reflects the TASK Jun 26, 2019 Presentation: Big changes in SIEMs: A comparison of cloud-born and traditional options Ask any cybersecurity professional to quickly tell what SIEM stands for any most will slightly hesitate before coming up with “Security Information and Events Management”, a rather long name that is just the final result […]

Read More
SIEM: Traditional vs Cloud
Jul 19, 2019

Mapping of On-Premises Security Controls vs Major Cloud Providers

A mapping at the very high level of on-premises security controls to native cloud services that can be used to replicate their specific role. As the cloud services tend to be more granular and overlapping in functionality, the mapping is at best approximate but it may bring some extra awareness on the options available in […]

Read More
Mapping of On-Premises Security Controls vs Major Cloud Providers
Jul 17, 2019

Azure Security Center Components and Relations with Other Services

One of the most common questions that we are receiving about Azure Sentinel is about its functionality compared with Azure Security Center. The diagram below is an attempt to describe the various components of Azure Security Center, its relation with other Azure services, including Azure Sentinel as well as the interaction with non-Azure services and […]

Read More
Azure Security Center Components and Relations with Other Services
Jun 26, 2019

SIEM: Traditional vs. Cloud

This article reflects the TASK Jun 26, 2019 Presentation: Big changes in SIEMs: A comparison of cloud-born and traditional options Ask any cybersecurity professional to quickly tell what SIEM stands for any most will slightly hesitate before coming up with “Security Information and Events Management”, a rather long name that is just the final result […]

Read More
SIEM: Traditional vs. Cloud
Jun 19, 2019

Azure Cloud Security Stack vs. NIST Cybersecurity Framework

In May 2019, Managed Sentinel released a diagram presenting a mapping of Azure Security services vs on-premises security controls. The cybersecurity community expressed an interest in having the same security controls mapped against the NIST Cybersecurity Framework functions: Identify, Detect, Protect, Respond and Recover. The diagram below provides a high-level view of how various Azure […]

Read More
Azure Cloud Security Stack vs. NIST Cybersecurity Framework
May 30, 2019

Azure Sentinel & Jupyter Notebooks

Before going into additional details about what a Jupyter Notebook is, I would like first to have a visual comparison of the analytical functionality offered by Azure Kusto Query Language queries vs. Jupyter Notebook with Python/msticpy/Kqlmagic. If your analytical requirements are limited to those typical to SIEM platforms that allow query of data, extraction of […]

Read More
Azure Sentinel & Jupyter Notebooks
May 28, 2019

On-Premises vs. Azure Cloud Security Stack

In February 2019, Managed Sentinel released a diagram presenting a mapping of on-premises security controls vs. services offered by major cloud services providers. The following diagram follows a similar pattern, focused just on Azure security technologies and including additional information such as free vs. billable Azure services, availability of the 3rd party tools within Azure Marketplace and […]

Read More
On-Premises vs. Azure Cloud Security Stack
May 23, 2019

Cybersecurity Architecture & Roadmap: Current and Future View

Executive View — Current and Future Cybersecurity Architecture On One Page With the increased complexity of the organization infrastructure, it becomes more and more difficult for CISOs and security architects to present a high-level view of the current cybersecurity controls, let alone the proposed roadmap. The cybersecurity roadmap diagram below attempts to capture the typical security controls and […]

Read More
Cybersecurity Architecture & Roadmap: Current and Future View
May 23, 2019

Configuring Office 365 Connector in Azure Sentinel

The Office 365 activity log connector provides insight into ongoing O365 user activities.  By configuring Office 365 Connector in Azure Sentinel you will get details of operations such as file downloads, access requests sent, changes to group events, set-Mailbox and details of the user who performed the actions. This information will be visible in Azure Sentinel Dashboards […]

Read More
Configuring Office 365 Connector in Azure Sentinel
May 20, 2019

Azure Sentinel SIEM Architecture

Azure Sentinel cloud SIEM architecture vs. traditional SIEM platforms (based on SANS Reference SIEM Architecture). It provides a high-level mapping of specific Azure Sentinel functions to generic next-gen SIEM functions.

Read More
Azure Sentinel SIEM Architecture
Page 1 of 3
Back to top
Close