Chapter 8

SIEM integration

Security information and event management (SIEM) is widely used by many organizations, and it is the main source of truth when it comes to data security. The data ingested into this platform is used heavily by the security operations center (SOC) team. For large organizations that already have a SIEM solution in place, integrating Azure Security Center with that existing SIEM is almost a requirement. A SIEM helps the SOC team rationalize all the data that is ingested from multiple platforms and correlate it across those sources. In 2019, Microsoft launched its own SIEM solution called Azure Sentinel, which can also be integrated with Security Center.

In this chapter, you ...

Get Microsoft Azure Security Center, 3rd Edition now with the O’Reilly learning platform.