back to article In the cloud, things aren't always what they SIEM: Microsoft rolls out AI-driven Azure Sentinel

Microsoft has wheeled out two new enterprise security tools – Azure Sentinel, a cloud-based SIEM, and Microsoft Threat Experts, an infosec advice-as-a-service bundled with a panic button. The two services are part of Redmond's ongoing invasion of the cloud security market. It will be showing off the technology at the RSA …

  1. Anonymous Coward
    FAIL

    Unspeakably wicked

    Just an excuse for more slurping by MSFT

  2. This post has been deleted by its author

  3. Robert Helpmann?? Silver badge
    Childcatcher

    Just trying to understand

    ...nearly limitless cloud speed and scale...

    It's early and I had to break this down to process because not enough caffeine:

    ...nearly limitless...

    So it has limits. Check!

    ..cloud speed...

    It's the new Project Tartan cloud. It moves at the speed of plaid. Check!

    ...and scale...

    And it's a fish. Got it!

    1. GnuTzu Silver badge
      Megaphone

      Re: Just trying to understand -- Priors of Ori

      If it's anything like O365, they'll expect you to pipe all that data over the Internet directly without the protection of a web proxy.

      And, don't forget, Microsoft sales reps are the like the Priors of Ori; they'll pressure your organization into signing the contract before any feasibility or security studies can be done. Remember, they don't care if you want to define your security policies or perform risk analysis yourself; all your policies become what they dictate. Microsoft is Origin.

  4. 90APT_emx

    "Azure Operations Management Suite and Security Centre lacked the event correlation and automation that market leaders like Splunk and Alienvault know is needed for a SIEM to be anything other than an irritating source of noise." - its not about correlation, its simpler than that. The tools will always be noisy - whether that noise is irritating or not depends on the effort put into understanding business data flows and configuring alerts.

    And on that subject, looks like they rolled out their new Telepathic SIEM that can figure out how the business intended to utilise TCP/IP for their apps, just from reading the minds of app architects, and configure alerts accordingly. I can't see how this solution can possibly work. I'm not seeing the 'I' part of AI here.

    1. GnuTzu Silver badge
      Joke

      "I'm not seeing the 'I' part of AI here."

      Oh, but at Microsoft, the "A" stands for "absent".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020