{"id":17789,"date":"2020-02-20T13:00:58","date_gmt":"2020-02-20T21:00:58","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/02\/20\/news-11522\/"},"modified":"2020-02-20T13:00:58","modified_gmt":"2020-02-20T21:00:58","slug":"news-11522","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/02\/20\/news-11522\/","title":{"rendered":"Free import of AWS CloudTrail logs through June 2020 and other exciting Azure Sentinel updates"},"content":{"rendered":"

Credit to Author: Todd VanderArk| Date: Thu, 20 Feb 2020 14:00:44 +0000<\/strong><\/p>\n

SecOps teams are increasingly challenged to protect assets across distributed environments, analyze the growing volume of security data, and prioritize response to real threats.<\/p>\n

As a cloud-native SIEM solution (security information and event management), Azure Sentinel uses artificial intelligence (AI) and automation to help address these challenges. Azure Sentinel empowers SecOps teams to be more efficient and effective at responding to threats in the cloud, on-premises, and beyond.<\/p>\n

\n
\t\t\t\t \t\t\t<\/div>\n
\n

Azure Sentinel<\/h3>\n

Intelligent security analytics for your entire enterprise.<\/p>\n

\t\t\t\tLearn more<\/a> \t\t\t<\/div>\n

\t\t<\/div>\n

\t\t <\/p>\n

Our innovation continues, and we have some exciting news to share for the RSA 2020 conference including the ability to import AWS CloudTrail data for free through June 2020, opportunities to win up to $1,000 for community contributions, and many other product updates.<\/p>\n

Enable unified response across multiple clouds\u2014now with free import of AWS CloudTrail data through June 2020<\/h3>\n

More than 60 percent of enterprises<\/a> have a hybrid cloud strategy\u2014a combination of private and multi-cloud deployments. We\u2019re committed to help SecOps teams defend the entire stack, not just Microsoft workloads. That\u2019s why Azure Sentinel includes built-in connectors to bring together data from Microsoft solutions with data from other cloud platforms and security solutions.<\/p>\n

You can already ingest data from Azure activity logs, Office 365 audit logs, and alerts from Microsoft 365 security solutions at no additional cost. To further help our customers secure their entire multi-cloud estate, today we\u2019re announcing the ability to import your AWS CloudTrail logs into Azure Sentinel at no additional cost from February 24, 2020 until June 30, 2020.<\/p>\n

New and existing customers of Azure Sentinel can take advantage of this offer by using the built-in connector for AWS CloudTrail logs. Data retention charges after 90 days period and other related charges are applicable during this time as per Azure Sentinel terms. Learn more about Azure Sentinel pricing<\/a>.<\/p>\n

\"Image<\/a><\/p>\n

Once connected to your AWS CloudTrail logs, you can visualize and get relevant insights using built-in workbooks. You can even customize these dashboards and combine insights from other sources to meet your needs:<\/p>\n

\"Image<\/a><\/p>\n

Detections and hunting queries developed by Microsoft Security experts will make it easier to identify and respond to potential threats in your AWS environment:<\/p>\n

\"Image<\/a><\/p>\n

Gain visibility into threats targeting IoT<\/h3>\n

With the exponential growth in connected devices creating an uptick in attacks targeting IoT, it is critical for enterprise SecOps teams to include IoT data in their scope. A new Azure Security Center for IoT connector makes it easy for customers to onboard data from Azure IoT Hub-managed deployments into Azure Sentinel. Customers can now monitor alerts across all IoT Hub deployments along with other related alerts in Azure Sentinel, inspect and triage IoT incidents, and run investigations to track an attacker’s lateral movement within their enterprise.<\/p>\n

With this announcement Azure Sentinel is the first SIEM with native IoT support, allowing SecOps and analysts to identify threats in these complex converged environments.<\/p>\n

In addition, Upstream Security, a cloud-based automotive cybersecurity detection and response company, is launching integration with Azure Sentinel. This will enable customers to send threats detected by Upstream Security’s C4 platform to Azure Sentinel for further investigation.<\/p>\n

Collect data from additional data sources<\/h3>\n

We\u2019re continually adding new data connectors from leading security solutions and partners. Each of these data connectors have sample queries and dashboards to help you start working with the data immediately in Azure Sentinel:<\/p>\n