Forum Discussion
Unified Security Operation Sentinel Vs Defender Tables
I have a question regarding the Unified SOC portal. In the session below, they highlighted one advantage: the ability to use Defender and Sentinel Tables together. However, both the SignInLogs and De...
Echo to this, not all environment have the budget to ingest Device****** events into Sentinel, given the huge volume of events it produced. Thus you have an option right now to both save cost + correlating the information from Sentinel end, under the Unified SOC portal.
You need to look into the monetary benefits of this integration as well, not only technical feasibility.
Hope my 2 cent helps.
You need to look into the monetary benefits of this integration as well, not only technical feasibility.
Hope my 2 cent helps.
Logically, this makes sense regarding the cost, but it will reduce Microsoft's revenue from data ingestion. This suggests that Microsoft will need to find another revenue channel, which will hopefully come from increased sales, but could also come from charging per API call to the analytics workspace, which is not clear till now.
Can anyone from Microsoft clarify if there will be a cost when enabling Unified SOC by any way?