BT, a Top 200 MSSP, has announced a fully managed security and advisory service built on Microsoft Azure Sentinel, a cloud-based security information and event management (SIEM) tool. The news comes during this week's Microsoft Inspire 2020 worldwide partner conference.
With Azure Sentinel, BT will provide a managed service that combines alert detection with threat visibility and response, according to the company. The managed service also will leverage data from the Azure Sentinel workspace and BT's cybersecurity expertise and threat intelligence.
Furthermore, BT customers will be able to use Azure Sentinel in combination with the MSSP's security advisory services, the company stated. This ensures that BT customers can deploy Azure Sentinel to receive security guidance to help them keep pace with current and evolving cyber threats.
The BT-Azure Sentinel move is somewhat similar to Cyderes launching a cloud SIEM that leverages Google Chronicle platform. Cyderes is a Top 200 MSSP owned by Fishtech Group. Chronicle potentially competes with Azure Sentinel in some ways.
Introducing Azure Sentinel Data Connectors
Along with BT's announcement, Microsoft this week unveiled over a dozen new data connectors for security solutions that enable data collection and automation scenarios in Azure Sentinel. These connectors include:
- VMware Carbon Black: Enables organizations to ingest Carbon Black events, audit logs and notifications.
- Sophos XG Firewall: Allows organizations to collect Sophos XG Firewall logs.
- Symantec: Offers two data connectors that enable organizations to ingest Symantec Proxy SG (Secure Gateway) and Symantec VIP logs.
The Azure Sentinel data connectors empower organizations to collect and analyze security data from various security solutions at cloud scale, Microsoft stated. They also offer access to workbooks and analytic rule templates to help organizations monitor data sources and accelerate threat detection and response.
A Closer Look at Azure Sentinel
Organizations can use Azure Sentinel to identify, detect and block cyberattacks in near-real-time, according to Microsoft. Azure Sentinel also provides organizations with access to intelligent security analytics.