Microsoft Sentinel Features

Documents the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.

Keeps records of each network asset and its activity. Discovers new assets accessing the network.

Provides security information and stores the data in a secure repository for reference.

Alerts users of incidents and allows users to intervene manually or triggers an automated response.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Documents cases of abnormal activity and compromised systems.

Stores information related to common threats and how to resolve them once incidents occur.

Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised.

Allows users to customize analytics with granulized metrics that are pertinent to your specific resources.

Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents.

Visually displays connected applications and integrated data. Allows customization and management of workflow structures.

Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Constantly monitors logs to detect anomalies in real time.

Integrates additional security tools to automate security and incident response processes.

Collects information from multiple sources to cross reference and build contextual to correlate intelligence.

Stores information related to common threats and how to resolve them once incidents occur.

Offer pre-built and custom reporting and dashboards for quick insights into system states.

Clearly notifies users with relevant information and anomalies in a timely manner.

Sets a standard performance baseline by which to compare log activity.

Allows platform to scale to size of desired environment and configured with high availability and disaster recovery capabilities.

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives