LogSentinel SIEM afor
Azure Security Monitoring
Connect Azure to LogSentinel SIEM
Azure is a leading IaaS provider used by thousands of companies for their IT infrastructure. There are many sources of security-relevant events that should be integrated and correlated in order to gain full visibility on the threat landscape.
With LogSentinel SIEM you have a unified dashboard for real-time control and insight across all aspects of your Azure stack. Demonstrate compliance at reduced operational cost and minimize effort on audit, forensics and fraud detection.
Full Azure
log coverage
Azure AD and Azure access and identity logs, activity logs, resource logs, Office 365 logs, Azure vTap network monitoring
Threat
Detection
LogSentinel discovers anomalous behavior, as well as insider and cyber threats, based on rules, machine-learning and threat intelligence
Straightforward Integration
API-based integration allows you to collect events from multiple Azure sources by simply authorizing LogSentinel to collect the required data
Data Insights and visualizations
Gain insights by analyzing correlated data from Azure and other cloud and on-premise sources with flexible custom queries and charts
Azure Security Monitoring Use Cases
Unauthorized access
Monitor authentication and access logs and get alerted for anomalies
Configuration anomalies
Correlate Azure administrative logs and look for irregularities
Anomalous API calls
React to malicious API calls that can threaten the entire infrastructure
Suspicious IAM activity
Tackle IAM account management and privilege escalation risks
Suspicious traffic
Investigate suspicious traffic to and within your Azure infrastricture
