Microsoft Sentinel is expanding to tackle all your company's biggest security fears

Now in public preview, Microsoft says users will no longer need to choose between retaining critical data and staying within budget.

It combines SIEM, XDR and threat intelligence into a single platform, bringing together data from Microsoft and third-party sources with over 350 native connectors, promising to be a whole "new architecture," not "just a new product."

Microsoft Sentinel Data Lake

In order to democratize threat intelligence and improve coverage, Microsoft Defender Threat Intelligence capabilities will now be available in Defender XDR and Sentinel without adding to the cost.

This is on top of the injection of artificial intelligence, which promises "faster detection, smarter response and the ability to outpace even the most sophisticated adversaries."

Microsoft says the update allows security teams to uncover attacker behavior without worrying about storage limits, which can significantly improve detection by analyzing company-specific trends.

Sentinel Data Lake "enables security teams to proactively detect latent attacks, detect emerging threats with AI-driven models, reconstruct attack timelines in forensic detail, and retroactively uncover indicators of compromise that might otherwise go unnoticed," Microsoft explained.

Among the benefits of Microsoft's upgraded Sentinel include the ability for companies to keep raw data for compliance and digital forensics and a lower TCO with faster ROI.

You might also like

• Enhance cybersecurity with the best endpoint protection software
• Worried about emerging threats? Consider using the best ransomware protection
• "Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand