Trustwave, a Top 200 MSSP for 2019, has launched Microsoft Azure Threat Detection and Response services to help organizations secure their cloud environments. The new offerings surfaced at the Microsoft Ignite 2019 enterprise customer conference in Orlando, Florida.
The new Azure Threat Detection and Response service is delivered via Trustwave Fusion, a cloud-based security platform that debuted released earlier this year. The service integrates with the Microsoft Azure Sentinel security information and event management (SIEM) solution; Sentinel became generally available in September 2019.
Also, Threat Detection and Response works in conjunction with the Microsoft Defender Advanced Threat Protection enterprise security platform; Trustwave SpiderLabs ethical hackers use threat intelligence from Defender Advanced Threat Protection, Trustwave's global security operation centers (SOCs) and outside sources to gain insights into threats and respond accordingly.
How Does Threat Detection and Response for Azure Work?
Threat Detection and Response for Azure collects data from end users, devices and applications, Trustwave indicated. It then delivers this information to Trustwave security analysts who inspect it for malware, rogue code, behavioral anomalies and other indicators of malicious activity.
In addition, Threat Detection and Response for Azure leverages the Microsoft Security Graph API to ingest relevant data, Trustwave said. It also offers a Defender Advanced Threat Protection option that allows organizations to escalate a detected incident to a digital forensic investigation, threat hunt initiating triage or active "seek and destroy" missions.
Trustwave, a Singtel company, delivers managed security, consulting and professional services and data protection technology to organizations in 96 countries. Furthermore, Trustwave provides a global channel partner program for MSPs, value-added resellers (VARs) and other technology vendors.