Open Systems MDR Leverages Microsoft Azure Sentinel’s Cloud SIEM
Open Systems, a secure access service edge (SASE) and SD-WAN provider, has announced a managed detection and response (MDR) service that leverages Microsoft Azure Sentinel — a cloud-based security information and event management (SIEM) service.
Organizations can use the Open Systems MDR service to continuously monitor and detect cyber threats, according to a prepared statement.
How the Service Works
The MDR service ingests an Open Systems customer’s security data and passes it to Azure Sentinel to identify true positives and suspicious behavior, the company said. Security engineers at Open Systems’ security operations centers (SOCs) in Zurich, Switzerland, or Redwood City, California, then analyze this information, escalate any threats to a security team analyst assigned to the customer, and offer threat containment and remediation recommendations.
Furthermore, organizations can use Open Systems’ MDR service and Azure Sentinel in combination with its SASE solution and SD-WAN, the company said. In doing so, organizations can leverage the MDR service to securely drive digital transformation and increase their use of mobile devices, edge computing and the cloud.
Open Systems’ MDR service is currently in early access, and it is expected to be generally available in the third quarter of 2020.
Azure Sentinel: Here’s What MSSPs Need to Know
Microsoft launched Azure Sentinel in September 2019. The cloud service helps security administrators identify, detect and block cyberattacks in near real time and leverage intelligent security analytics. Several Top 200 MSSPs have already integrated Sentinel into their portfolios.
Recent partner efforts include:
- Trustwave in November 2019 unveiled its Azure Threat Detection and Response service at the Microsoft Ignite 2019 enterprise customer conference in Orlando, Florida. Azure Threat Detection and Response is delivered via the Trustwave Fusion cloud-based security platform and features Azure Sentinel capabilities.
- CyberProof in September 2019 announced an Azure Sentinel integration. CyberProof customers can use the integration to automate threat detection and incident response and recovery, and to access security insights via the Microsoft Intelligent Security Graph.