One Ops Question: What is Azure Sentinel?
Published Jul 12 2020 12:00 AM

In this episode of One Ops Question, Dean Bryen answers the question "What is Azure Sentinel?"


Because the Internet is littered with dangers and threats, you need Microsoft Azure Sentinel. It's a Security Information and Event Management (SIEM) solution built right into Azure to deliver intelligent security analytics across your environments.



Azure Sentinel gives you a single view of intelligent security analytics and threat intelligence across your entire environment, alleviating the stress of fighting attacks, increasing volumes of alerts, and long resolution timeframes.


  • Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. 

  • Detect previously undetected threats, and minimize false positives using Microsoft's analytics and unparalleled threat intelligence. 

  • Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft. 

  • Respond to incidents rapidly with built-in orchestration and automation of common tasks.



To use Azure Sentinel, you need to enable it and then connect your data sources, such as:

  • Microsoft Threat Protection solutions
  • Microsoft 365 sources (including Office 365)
  • Azure AD
  • Azure ATP
  • Microsoft Cloud App Security
  • and more.

Once Sentinel is enabled in your subscription and your data sources are connected, you're ready to visualize and get a detailed analysis of what's happening in your environment.


If you want the peace of mind of knowing that your environment is being looked after, you need to try Azure Sentinel.










