In today’s rapidly evolving threat landscape, organizations need security solutions that deliver actionable insights in real time, not minutes or hours after the fact. Microsoft Sentinel continues to...

February brings a set of new innovations to Sentinel that helps you work with security content across your SOC. This month’s updates focus on how security teams ingest, manage, and operationalize c...

Today, we’re excited to announce the general availability (GA) of data lake tier ingestion for Microsoft XDR Advanced Hunting tables into Microsoft Sentinel data lake. Security teams continue to ge...

The upcoming update introduces more consistent and predictable entity data across analytics, incidents, and automation by standardizing how the Account Name property is populated when using UPN‑based...

We are happy to announce a new data connector that is available to the public: the Microsoft Copilot data connector for Microsoft Sentinel. The new Microsoft Copilot data connector will allow for aud...

Security teams already have access to enormous volumes of telemetry across identity, endpoint, network, and cloud. The real challenge isn’t collecting more data. It’s turning that data into faster de...

We are unveiling a major enhancement of Microsoft Sentinel’s UEBA Essentials solution. This update includes expanded multi-cloud anomaly detection queries across Azure, AWS, GCP, and Okta, as well as...

Onboard new tenants and maintain a consistent security baseline We’re excited to announce a set of new content types that are now supported by the multi-tenant content distribution capability in th...

We’re sharing an important update to help Microsoft Sentinel customers and partners plan a smooth transition to the Microsoft Defender portal. In July 2025, we announced that Microsoft Sentinel SIE...

Migrating from one SIEM to another is a critical decision—and often one of the hardest to execute. Legacy SIEM migrations are complex, resource-heavy, and time-consuming, often taking up to 15 months...