Microsoft Sentinel Partner Solution Contributions update - Ignite 2023
Published Nov 15 2023 02:26 PM
Microsoft

Microsoft Sentinel is a cloud-native security information and event management (SIEM) solution that helps you detect, investigate, and respond to threats across your enterprise. One of the key features of Microsoft Sentinel is its ability to integrate with various data sources, both from Microsoft and third-party providers, to collect and analyze security signals from your environment.

 

In this Ignite 2023 blog post, we are excited to share the latest partner-contributed integrations that are now available for Microsoft Sentinel. These integrations enable you to connect your existing security solutions with Microsoft Sentinel and leverage its powerful capabilities to enhance your security posture.

 

Featured

 

Cisco Catalyst SD-WAN Microsoft Sentinel Application

Cisco’s latest Microsoft Sentinel integration delivers visualization, analysis, and representation of threat data captured by Cisco SD-WAN's security stack, including Cisco SD-WAN security logs, events, and NetFlow data, supporting investigation, hunting, detection, and enrichment scenarios for Microsoft Sentinel customers.

 

Commvault Security IQ for Microsoft Sentinel

Commvault Security’s new integration brings security insights and alerts from Commvault/Metallic environments to Microsoft Sentinel to support and enable investigations, as well as remediation playbooks that help Microsoft Sentinel-powered SOCs protect against and respond to ransomware and related threats in the data protection environment.

 

Corelight for Microsoft Sentinel

Corelight’s integration with Microsoft Sentinel now provides ASIM-normalized data, enabling more out-of-the-box value for Sentinel customers. Corelight already supports ingestion of Zeek and Suricata data into Microsoft Sentinel, with custom workbooks, hunting queries, and analytics. Corelight’s ASIM support allows rich out-of-the-box Microsoft Sentinel solutions, like the Network Session Essentials solution, to work automatically with Corelight data in customers' workspaces.

 

Vectra XDR for Microsoft Sentinel

Vectra XDR Integration for Microsoft Sentinel brings insights and conclusions from Vectra Respond to Microsoft Sentinel enabling investigations with additional information in context.

 

New and Notable

 

Bitsight

Bitsight’s new Microsoft Sentinel solution brings Bitsight Risk monitoring insights to Microsoft Sentinel to inform investigations with Bitsight Security Ratings, findings, and tools (managing support requests, open cases, and IT services delivery).

 

Defend Limited Microsoft Sentinel Solution for Atlassian Beacon

Defend Limited has delivered a new solution bringing alerts and insights generated in the Atlassian Beacon threat detection engine for Atlassian Cloud into Microsoft Sentinel for investigation and analysis in context.

 

Feedly Solution For Microsoft Sentinel

Feedly’s new integration brings their AI-prioritized threat intelligence feed to Sentinel, delivering both IOCs and contextual information about the indicators.

 

GreyNoise Enterprise Solution for Microsoft Sentinel

GreyNoise collects, analyzes, and labels data on IPs that scan the internet and saturate security tools with noise, and by bringing their curated threat intelligence to Microsoft Sentinel, helps analysts spend less time on irrelevant or harmless activity, and spend more time on targeted and emerging threats.

 

Island Microsoft Sentinel solution

The Island Solution for Microsoft Sentinel enables events from Island Enterprise Browsers to be automatically shared with Microsoft Sentinel, via the Island Management Console, for real-time analysis.

 

Mimecast 

Mimecast brings integrated information from Mimecast tenants via four new Microsoft Sentinel solutions, including event data and alerts, enabling analysis and investigation as well as extended detection via Mimecast Threat Intelligence.

Nasuni

Nasuni’s solution integrates audit log information from Nasuni’s Ransomware Protection Platform into Microsoft Sentinel to inform detection, investigation, and remediation of ransomware and other related security events.

 

NetClean ProActive

NetClean ProActive logs and alerts enable Microsoft Sentinel users to conduct more advanced and thorough investigations of incidents reported by NetClean ProActive. Microsoft Sentinel can provide additional and vital case info, such as extended data and analysis of the user and endpoint that triggered the incident, aiding both the internal investigation and collaboration with law enforcement.

 

Recorded Future

The Recorded Future Threat Intelligence solution for Microsoft Sentinel automatically positions their differentiated threat intelligence data directly in Microsoft Sentinel, enabling new detections, faster triage, and accurate decision-making.

 

Wiz

The Wiz solution for Microsoft Sentinel enables ingestion of Wiz Issues, Vulnerability Findings, and Audit logs into Microsoft Sentinel, enabling the detection and prioritization of cloud security risks, across vulnerabilities, malware, internet exposure, identity analysis, data security and more through an agentless approach for AWS, Azure, Google Cloud, OCI, Alibaba, and Kubernetes.

 

These are just some of the 320+ commercially supported security solutions that are now available for Microsoft Sentinel. In addition to commercially supported integrations, Microsoft Sentinel Content Hub also connects you to hundreds of community-based solutions as well as thousands of practitioner contributions. You can find more details and instructions on how to set up these integrations via Content Hub in Microsoft Sentinel.

 

To our partners: Thank you for your continued partnership and invaluable input on this journey to deliver the most comprehensive, timely insights and security value to our mutual customers. Security is very much a team sport, and we are glad to be working together.

 

We hope you find these new partner solutions useful, and we look forward to hearing your feedback and suggestions. Stay tuned for more updates and announcements on Microsoft Sentinel and its partner ecosystem.

 

Learn More 

Microsoft is committed to empowering our customers with modern security tools and platforms to enable critical protection for your organization and users. See additional resources below.  

What else is new with Microsoft Sentinel? 

Additional resources:  

 

 

 

 

 

 

Last update: Nov 14 2023 05:08 PM