Zinovate Cloud

Azure Sentinel
Play Video about Azure Sentinel
Download Brochure
Product Enquiry

Azure Sentinel Overview

Azure Sentinel Features

Azure Sentinel Plans

Azure Sentinel Overview

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs.

Azure Sentinel Features

Collect

Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

Detect

Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

Investigate

Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

Respond

Respond to incidents rapidly with built-in orchestration and automation of common tasks

Limitless cloud speed and scale

As a cloud-native SIEM, Azure Sentinel is 48 percent less expensive and 67 percent faster to deploy than legacy on-premises SIEMs.

AI on your side

Simplify security operations and speed up threat response with integrated automation and orchestration of common tasks and workflows.

Behavior analytics to stay ahead of evolving threats

Gain more contextual and behavioral information for threat hunting, investigation, and response using the built-in entity behavioral analytics.

Streamlined and cost-effective security data collection

Simplify data collection across different sources, including Azure, on-premises solutions, and across clouds using built-in connectors. Connect with data from your Microsoft products in just a few clicks. Import Office 365 audit logs, Azure activity logs, and alerts from Microsoft threat protection solutions for free, and analyze and draw correlations to deepen your intelligence.

Azure Sentinel Plans

Commitment Tiers

With Commitment tiers you are billed a fixed fee based on the selected tier, enabling a predictable total cost for Azure Sentinel. Commitment tier provides you a discount on the cost based on your selected commitment tier compared to Pay-As-You-Go pricing. You have the flexibility to opt out of the capacity tier any time after the first 31 days of commitment. Prices shown below are related to the analytics enabled by Azure Sentinel and do not include the related data ingestion charges for Log Analytics. Please refer to the Azure Monitor Log Analytics pricing for the related data ingestion charges.

Pay-As-You-Go

With Pay-As-You-Go pricing, you are billed per gigabyte (GB) for the volume of data ingested for analysis in Azure Sentinel and stored in the Azure Monitor Log Analytics workspace. Data volume is measured by the volume of data that will be stored in GB (10^9 bytes). Prices shown below are related to the security analytics enabled by Azure Sentinel. Prices shown below are related to the analytics enabled by Azure Sentinel and do not include the related data ingestion charges for Log Analytics. Please refer to the Azure Monitor Log Analytics pricing for the related data ingestion charges.

Free Trial

Azure Sentinel can be enabled at no additional cost on an Azure Monitor Log Analytics workspace for the first 31-days. Usage beyond the first 31-days will be charged per pricing listed above. Charges related to Azure Monitor Log Analytics for data ingestion and additional capabilities for automation and bring your own machine learning are still applicable during the free trial.

Data Retention

Once Azure Sentinel is enabled on your Azure Monitor Log Analytics workspace, every GB of data ingested into the workspace can be retained at no charge for the first 90 days. Retention beyond 90 days will be charged per the standard Azure Monitor Log Analytics retention prices.

Azure Monitor Log Analytics

Azure Sentinel is built on the proven foundation of Azure Monitor Log Analytics platform and enables an extensive query language to analyze, interact with, and derive insights from huge volumes of operational data in seconds. Azure Sentinel is billed based on the volume of data ingested for analysis in Azure Sentinel and stored in Azure Monitor Log Analytics workspace. Please refer to the Azure Monitor Log Analytics pricing for the related data ingestion charges.

Automation and bring your own Machine Learning

Azure Sentinel integrates with many other Azure services providing enhanced capabilities for Security Information and Event Management (SIEM) and Security Orchestration and Automation and Response (SOAR).Some of these services may have additional charges:

F.A.Q.

Got a question? We’ve got answers.
Visit our Support Center for more questions.
Yes, Azure Sentinel is built on the Azure platform. It provides a fully integrated experience in the Azure portal to augment your existing services, such as Azure Security Center and Azure Machine Learning.
You can opt into a commitment tier at any time. Once you opt in, you will continue to be in your selected commitment tier unless you decide to opt out to a different pricing model or upgrade or downgrade your commitment tier.
Any Azure services that you use in addition to Azure Sentinel are charged per their applicable pricing. For example – Log Analytics, Logic Apps, Machine Learning.
Azure Activity Logs, Office 365 Audit Logs (all SharePoint activity and Exchange admin activity) and alerts from Microsoft Defender products (Azure Defender, Microsoft 365 Defender, Microsoft Defender for Office 365, Microsoft Defender for Identity, Microsoft Defender for Endpoint), Azure Security Center and Microsoft Cloud App Security can be ingested at no additional cost into both Azure Sentinel and Azure Monitor Log Analytics.
Azure Sentinel integrates with many enterprise tools, including best-of-breed security products, homegrown tools, and other systems like ServiceNow. It provides an extensible architecture to support custom collectors through REST API and advanced queries. It enables you to bring your own insights, tailored detections, machine learning models, and threat intelligence.