We are happy to announce that Microsoft Sentinel now integrates with Azure Purview through a new solution available in public preview. You can now see the classification and labeling insights from Azure Purview scans to enrich the security experience within Microsoft Sentinel. The Azure Purview solution also includes a customizable workbook template and analytical rules which allow you to visualize your data and receive alerts if the sensitivity of the data stored within your data estate changes.
Microsoft Sentinel already collects data at cloud scale, across all users, devices, applications, and infrastructure - on-premises and in multiclouds. With the new Azure Purview solution, you can now combine data sensitivity insights from Azure Purview with data from other Microsoft Sentinel solutions.
Azure Purview and Microsoft Sentinel Integration steps
Azure Purview Solution
The solution within Microsoft Sentinel provides the ability to onboard all the content for Azure Purview using a single process.
Once the solution is enabled, the steps outlined in the data connector show how to set up the diagnostic settings to allow the logs from Azure Purview to flow into Microsoft Sentinel.
The workbook visualizes the data that is being ingested into Microsoft Sentinel and features insights on the location of resources, classifications found, and more. The workbook is fully customizable and can be changed to best suit the needs of your organization.
Analytical rules create alerts and incidents within Microsoft Sentinel. As part of the Azure Purview solution, analytical rule templates are provided to create an alert when new classifications on a resource have been found during an Azure Purview scan within the last 24 hours. The analytical rules enable you to stay informed on the latest changes occurring within your data.
Get started today
Read the documentation on how to set up the Microsoft Sentinel integration with Azure Purview.