Azure Sentinel

GPTKB entity

Statements (55)
Predicate Object
gptkbp:instanceOf cloud-native security information and event management (SIEM) service
gptkbp:availableOn gptkb:Microsoft_Azure_Marketplace
gptkbp:category gptkb:SOAR
    Cloud Computing
    Security
    SIEM
gptkbp:developedBy gptkb:Microsoft
gptkbp:documentation https://docs.microsoft.com/en-us/azure/sentinel/
gptkbp:features gptkb:personal_computer
    gptkb:user_and_entity_behavior_analytics_(UEBA)
    investigations
    alerts
    data connectors
    workbooks
    automation rules
    playbooks
    incidents
    hunting queries
https://www.w3.org/2000/01/rdf-schema#label Azure Sentinel
gptkbp:integratesWith gptkb:Azure_Security_Center
    gptkb:Microsoft_365_Defender
    third-party security solutions
gptkbp:launched 2019
gptkbp:offers pay-as-you-go pricing
    capacity reservation pricing
gptkbp:partOf gptkb:Microsoft_Azure
gptkbp:provides security analytics
    threat intelligence
    automated response
    security orchestration
gptkbp:supports gptkb:machine_learning
    gptkb:data_visualization
    custom connectors
    compliance reporting
    incident response
    threat detection
    log analytics
    cloud environments
    multi-cloud monitoring
    on-premises environments
    integration with Azure Active Directory
    integration with Google Cloud Platform
    integration with Azure Logic Apps
    integration with Azure Monitor
    integration with AWS CloudTrail
    integration with Cisco security products
    integration with Fortinet security products
    integration with Palo Alto Networks
gptkbp:uses gptkb:Kusto_Query_Language_(KQL)
gptkbp:bfsParent gptkb:Azure_Kubernetes_Service
    gptkb:Azure_Lighthouse
    gptkb:Azure_Virtual_Machines
    gptkb:Azure_Virtual_Network
    gptkb:Microsoft_Azure_WAF
gptkbp:bfsLayer 5