Cloud Security

Mar 26, 2021

Azure Sentinel Design Update

Azure Sentinel born-in-the-cloud SIEM was released in preview mode in February 2019 and in full general availability in September 2019, however, it has since advanced in bounds and leaps, doubling the number of data connectors, improving visualizations, incident management and building a rich ecosystem of options for SOAR and data enrichment. Combined with a tight […]

Read More
Azure Sentinel Design Update
Sep 28, 2020

Microsoft Security Stack Product Rebranding

Microsoft Security Stack Product Rebranding by Adrian Grigorof, CISSP, CISM, CRISC, CCSK , Marius Mocanu, CISSP, CISM, CEH, SCF Last update: September 28, 2020 On September 22nd, 2020, Microsoft announced a rebranding of their threat protection portfolio as well as an emphasis on its tools becoming a components of  an extended detection and response (XDR) […]

Read More
Microsoft Security Stack Product Rebranding
Sep 13, 2020

Azure Sentinel Design

Azure Sentinel born-in-the-cloud SIEM was released in preview mode in February 2019 and in full general availability in September 2019, however, it has since advanced in bounds and leaps, doubling the number of data connectors, improving visualizations, incident management and building a rich ecosystem of options for SOAR and data enrichment. Combined with a tight […]

Read More
Azure Sentinel Design
Aug 16, 2020

Azure Sentinel Data Connectors

On July 21st 2020, Microsoft announced a new set of Azure Sentinel data connectors for some important security solutions providers. This is great news for our Sentinel customers, as the ability to ingest logs from a wide variety of log sources is one of  top requests, along with data optimization (how can I reduce my […]

Read More
Azure Sentinel Data Connectors
May 10, 2020

Azure Sentinel Incidents & KPI Dashboards

Since its release in preview mode in February 2019, Azure Sentinel has provided the Incidents blade in its portal as a platform to monitor and manage the situation when the configured use cases (alerts) are triggered. As the product evolved in bounds and leaps, the Incidents features has become more mature and now, combined with […]

Read More
Azure Sentinel Incidents & KPI Dashboards
May 3, 2020

Microsoft Cloud App Security Design

Microsoft Cloud App Security (MCAS) has been rated as the number 1 leader CASB product in Gartner’s Magic Quadrant in 2019. As part of Microsoft’s cloud security stack, it provides full integration with other M365 security products, such as ATP, Security Center, Defender ATP and Azure Sentinel. It provides deep visibility and control of SaaS-related […]

Read More
Microsoft Cloud App Security Design
Mar 27, 2020

Azure Sentinel COVID-19 Alerts and IoCs

While the world is struggling to contain the devastating effects of the COVID-19 virus, there are an increasing number of malicious actors attempting to take advantage of it and attack organizations using the desire for information about this virus. At Managed Sentinel, we decided to create and maintain a list of IoCs (IP addresses, domains, […]

Read More
Azure Sentinel COVID-19 Alerts and IoCs
Jan 27, 2020

Azure Sentinel & Log Analytics Tables

Azure Sentinel is using Azure Log Analytics as the backend for the log storage and querying capabilities through Kusto Query Language (KQL). A wealth of information is available from various log sources and they are stored in Log Analytics “tables”. There are many tables created by default, though not always populated with data and many […]

Read More
Azure Sentinel & Log Analytics Tables
Jan 19, 2020

AWS CloudWatch to Azure Sentinel

While talking about Azure Sentinel with cybersecurity professionals we do get the occasional regretful comment on how Sentinel sounds like a great product but their organization has invested significantly in AWS services so implicitly, Sentinel is out-of-scope of potential security controls for their infrastructure. AWS offers the CloudWatch service that is able to collect performance […]

Read More
AWS CloudWatch to Azure Sentinel
Jul 19, 2019

Mapping of On-Premises Security Controls vs Major Cloud Providers

A mapping at the very high level of on-premises security controls to native cloud services that can be used to replicate their specific role. As the cloud services tend to be more granular and overlapping in functionality, the mapping is at best approximate but it may bring some extra awareness on the options available in […]

Read More
Mapping of On-Premises Security Controls vs Major Cloud Providers
Jul 17, 2019

Azure Security Center Components and Relations with Other Services

One of the most common questions that we are receiving about Azure Sentinel is about its functionality compared with Azure Security Center. The diagram below is an attempt to describe the various components of Azure Security Center, its relation with other Azure services, including Azure Sentinel as well as the interaction with non-Azure services and […]

Read More
Azure Security Center Components and Relations with Other Services
Jun 26, 2019

SIEM: Traditional vs. Cloud

This article reflects the TASK Jun 26, 2019 Presentation: Big changes in SIEMs: A comparison of cloud-born and traditional options Ask any cybersecurity professional to quickly tell what SIEM stands for any most will slightly hesitate before coming up with “Security Information and Events Management”, a rather long name that is just the final result […]

Read More
SIEM: Traditional vs. Cloud
Page 1 of 2
Back to top
12
Close