MSSP, Content, Security Operations

MSSP BT Unveils Microsoft Azure Sentinel SIEM Managed Security Service

BT, a Top 200 MSSP, has announced a fully managed security and advisory service built on Microsoft Azure Sentinel, a cloud-based security information and event management (SIEM) tool. The news comes during this week's Microsoft Inspire 2020 worldwide partner conference.

With Azure Sentinel, BT will provide a managed service that combines alert detection with threat visibility and response, according to the company. The managed service also will leverage data from the Azure Sentinel workspace and BT's cybersecurity expertise and threat intelligence.

Furthermore, BT customers will be able to use Azure Sentinel in combination with the MSSP's security advisory services, the company stated. This ensures that BT customers can deploy Azure Sentinel to receive security guidance to help them keep pace with current and evolving cyber threats.

The BT-Azure Sentinel move is somewhat similar to Cyderes launching a cloud SIEM that leverages Google Chronicle platform. Cyderes is a Top 200 MSSP owned by Fishtech Group. Chronicle potentially competes with Azure Sentinel in some ways.

Introducing Azure Sentinel Data Connectors

Along with BT's announcement, Microsoft this week unveiled over a dozen new data connectors for security solutions that enable data collection and automation scenarios in Azure Sentinel. These connectors include:

  • VMware Carbon Black: Enables organizations to ingest Carbon Black events, audit logs and notifications.
  • Sophos XG Firewall: Allows organizations to collect Sophos XG Firewall logs.
  • Symantec: Offers two data connectors that enable organizations to ingest Symantec Proxy SG (Secure Gateway) and Symantec VIP logs.

The Azure Sentinel data connectors empower organizations to collect and analyze security data from various security solutions at cloud scale, Microsoft stated. They also offer access to workbooks and analytic rule templates to help organizations monitor data sources and accelerate threat detection and response.

A Closer Look at Azure Sentinel

Organizations can use Azure Sentinel to identify, detect and block cyberattacks in near-real-time, according to Microsoft. Azure Sentinel also provides organizations with access to intelligent security analytics.

Azure Sentinel was launched in September 2019. Along with BT, CyberProof, Open Systems, Trustwave and other cybersecurity companies have already integrated Azure Sentinel into their portfolios.

Meta Description:

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.