Chapter 8SIEM integration

Security Information and Event Management (SIEM) is highly utilized by many organizations as the main source of truth when the subject is data security. The data ingested in this platform is highly utilized by the Security Operations (SOC) team. For large organizations that already have a SIEM solution in place, it is almost a requirement to integrate Security Center with their current SIEM solutions. These SIEM solutions will help the SOC team rationalize all the data that is ingested from multiple platforms and perform data correlation across this data. In 2019, Microsoft launched its own SIEM solution, called Azure Sentinel, which can also be integrated with Security Center.

In this chapter, you will learn how to ...

Get Microsoft Azure Security Center, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.