“Cybersecurity is all about combining the power of new technologies, like Azure Sentinel, with the power of people,” said Ann Johnson, Corporate Vice President, Security, Compliance, Identity and Management, at Microsoft. “The Azure Sentinel Hackathon is an opportunity to bring new cybersecurity ideas to life that will help address evolving cyber challenges.”
We launched the Azure Sentinel Hackathon 2021 over 3 months ago; we challenged security experts around the globe to build end-to-end cybersecurity solutions for Azure Sentinel that provides enterprise value and they delivered!
We are thrilled to receive a diverse set of submissions that deliver enterprise value by collecting data, managing security, detecting, hunting, investigating, and responding to cybersecurity threats. It’s truly inspiring to see the immense creativity and effort that participants put into their solutions. Thank you to all the participants of this Hackathon. Please join us in congratulating the winners of the Azure Sentinel Hackathon 2021.
First place: Azure Sentinel as new on premise SOAR replacement solution
Azure Sentinel as new on premise SOAR replacement solution from Secugram IO, enables enterprises in their cloudification journey, when cloud becomes a major workload and the rest is on premise. This is accomplished by having logs from an on premise SIEM (Security Information and Event Management) like QRadar ingested into Azure Sentinel to be able to leverage the latter’s cloud native capability to perform both SIEM and SOAR (Security Orchestration and Automated Response) operations in Azure Sentinel.
“In today's complex threat environment, modernizing SIEM is key to staying ahead of attackers. This innovative solution connects QRadar to Azure Sentinel and helps QRadar customers on their migration journey to cloud native SIEM. Congrats to Secugram IO for your superb entry into the competition.”, said Vasu Jakkal, Corporate Vice President, Microsoft Security, Compliance and Identity.
Second Place: Discord Secure
Discord Secure from Abhishek Reddypalle, Bhavana Talluri and Satwick Talluri, is an end-to-end cybersecurity solution for Azure Sentinel that monitors Discord messages and Audit operations, facilitating enterprises to respond to threats and mitigate them in a timely fashion. This solution enables enterprises that use Discord, onboard to Azure Sentinel and leverage content like data connector, workbooks, playbooks, analytic rules, hunting queries, etc. Check out this solution at DiscordSecure | Devpost
“Overall, this was a very comprehensive end-to-end Discord solution in Azure Sentinel”, said Ann Johnson.
Runners Up #1: LastPass Solution
LastPass Solution from Thijs Lecomte, Sander Bougrine and Olivier Vanheste enables enterprises to ingest data from password managers; monitoring password managers is extremely important as it contains high sensitive data. By using this solution, an enterprise can receive visibility into that data and hunt for potential security incidents. Take a look at this solution at LastPass Solution | Devpost
“Protecting credentials is of the utmost importance. Loved the use cases for LastPass”, said John Lambert, Distinguished Engineer and General Manager, Microsoft Threat Intelligence Center.
Runners Up #2: Azure Sentinel - Defender for IoT Solution and Lab
Azure Sentinel - Defender for IoT Solution and Lab from Ronald Prasad enables enterprises operating in the IoT industry vertical to effectively use Azure Sentinel for their end-to-end SOC scenarios that includes monitoring, investigation, and incident response for their IoT environment. Take a look at this solution at Azure Sentinel - Defender for IoT Solution and Lab | Devpost
“A company's IoT attack surface may outweigh their endpoint attack surface so solutions like this are very relevant”, said John Lambert.
Popular Choice: Secure_WRIKE_using_AZURE_SENTINEL
Secure_WRIKE_using_AZURE_SENTINEL from Paranjoy Gupta and Ayush guha, provides a solid defensive layer on top of Wrike's hardcore security for enterprises in the healthcare, finance, and IT industry verticals. Take a look at the solution at Secure_WRIKE_using_AZURE_SENTINEL | Devpost
“Great for anyone using Wrike, full set of integration, analytics and playbooks. Sounds promising.”, said Andrii Bezverkhyi, CEO & founder of SOC Prime, inventor of Uncoder.IO.
First 10 eligible submissions
We’d like to recognize the following 10 eligible submissions for this Hackathon.
- SecurityOrchestrator
- Secure_WRIKE_using_AZURE_SENTINEL
- Senserva Connections Sentinel Assets
- Ollie, your personal Azure Sentinel assistant
- MSSA - PSCA1
- Migration-Assist ! Helping migration from Splunk to Sentinel
- SocioThreatMonitor
- Mitigating Threats with Azure Sentinel from Cisco Umbrella
- Azure Sentinel - Defender for IoT Solution and Lab
- DiscordSecure
Again, congratulations to the winners and huge thanks to all the hackathon participants. We also wanted to take a moment to thank our all-star panel of judges for taking time out of their busy schedules to review and provide feedback on all the submissions. Many thanks for the support to Ann Johnson, Vasu Jakkal, John Lambert, Nick Lippis and Andrii Bezverkhyi.
Hopefully this Hackathon has inspired you to be a member of the Azure Sentinel Threat Hunters community. Get started now by joining the Azure Sentinel Threat Hunters GitHub community and follow the guidance. Let us know your feedback using any of the channels listed in the Resources.