Understanding Microsoft Sentinel Fusion for Advanced Threat Detection

Slide Note
Embed
Share

Threat intelligence plays a crucial role in Microsoft Sentinel solutions, enabling the detection of multi-stage attacks, ransomware activities, and emerging threats. Fusion technology combines Graph-powered Machine Learning and probabilistic kill chain analysis to detect anomalies and high-fidelity incidents across cloud services, providing a new level of security for organizations. With extensive data coverage and customizable analytics rules, Fusion empowers security teams to monitor and respond to threats effectively.

ares
ares Follow

Uploaded on May 18, 2024 | 2 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Agenda Threat Intelligence Overview Fusion Incident Investigation

  2. Threat intelligence is used throughout Microsoft Sentinel Solutions Data Connectors Incidents Analytics Investigations Playbooks Notebooks Workbooks

  3. Microsoft Sentinel Fusion Advanced Multistage Attack Detection Analyzing activities across multiple cloud services into high-fidelity security cases using Graph-powered Machine Learning Activity Anomalous signals Graph-powered ML + probabilistic kill chain Further ML analysis 2.4 . 1.5 2.3 1.1 + Identity (millions of events) Office 365 activity (millions of events) Security alerts (thousands) Azure / AWS / GCP activities (millions of events) Suspicious candidates (hundreds) High Fidelity Incidents Anomalies (thousands) Host activities (millions of events) Firewall (multi-billion events)

  4. Fusion Detects 122 multi-stage attack scenarios covering kill chain stages from initial access to impact. Potential ransomware activities at defense evasion and execution stages A new set of ML algorithms that detects emerging threats Extended source signal coverage for all the assets monitored by the SOC team in a Sentinel workspace A new configuration UI to fine tune the input and output of Fusion

  5. Fusion Data Coverage Fusion for emerging threats Fusion multistage attack Fusion for ransomware Azure Active Directory Identity Protection Microsoft Defender for Cloud Microsoft Defender for Cloud Apps Microsoft Defender for Endpoint Palo Alto Networks 8 scheduled analytics rules* Microsoft Defender for Cloud Microsoft Defender for Cloud Apps Microsoft Defender for Endpoint Microsoft Defender for Identity Alerts from scheduled analytics rules, both built-in and those created by your security analysts. * Customizable anomalies Azure Active Directory Identity Protection Microsoft 365 Defender Microsoft Defender for Cloud Microsoft Defender for Cloud Apps Microsoft Defender for Endpoint Microsoft Defender for Identity Microsoft Defender for IoT Microsoft Defender for Office 365 Alerts from scheduled analytics rules, both built-in and those created by your security analysts. * * Scheduled analytics rules must contain kill-chain (tactics) and entity mapping information in order to be used by Fusion

Related


Sentinel-3 Pilot Study LANCE UWG Meeting Summary

Sentinel-3 Pilot Study LANCE UWG Meeting Summary

reva
Implementation of Angular Momentum Formalism in Low-Energy Fusion Reactions

Implementation of Angular Momentum Formalism in Low-Energy Fusion Reactions

eplou
INFUSE Program Overview: Public-Private Partnership for Fusion Energy

INFUSE Program Overview: Public-Private Partnership for Fusion Energy

bmalo
Optimizing Operator Fusion Plans for Large-Scale Machine Learning in SystemML

Optimizing Operator Fusion Plans for Large-Scale Machine Learning in SystemML

mwink
Understanding Sentinel Lymph Nodes in Endometrial & Vulval Cancer

Understanding Sentinel Lymph Nodes in Endometrial & Vulval Cancer

yaw_77
Secure Your Cloud with Confidence Defend against Threats with Microsoft Sentinel

Secure Your Cloud with Confidence Defend against Threats with Microsoft Sentinel

rainer
Key Fusion Reactions in Nuclear Astrophysics

Key Fusion Reactions in Nuclear Astrophysics

keey358
Understanding Latency in Sentinel-1A Standard Products

Understanding Latency in Sentinel-1A Standard Products

ines
POSNOC & ATNEC Trials Update by Amit Goyal: Investigating Axillary Treatment in Breast Cancer

POSNOC & ATNEC Trials Update by Amit Goyal: Investigating Axillary Treatment in Breast Cancer

daan
European Union's Copernicus Programme: Eyes on Earth

European Union's Copernicus Programme: Eyes on Earth

btey
Exploring Microsoft Graph: Accessing Files and Enhancing Microsoft 365 Platform

Exploring Microsoft Graph: Accessing Files and Enhancing Microsoft 365 Platform

madilynn
Cyber Threat Detection and Network Security Strategies

Cyber Threat Detection and Network Security Strategies

lilliemae
Understanding Digital Transformation in the Age of Cybersecurity Insight

Understanding Digital Transformation in the Age of Cybersecurity Insight

kaylen
Preoperative Bone Health Assessment in Spine Fusion Surgery

Preoperative Bone Health Assessment in Spine Fusion Surgery

monty
Understanding Tooth Fusion in Dentistry

Understanding Tooth Fusion in Dentistry

gola
Understanding Nuclear Reactions: Fusion, Fission, and Energy Production

Understanding Nuclear Reactions: Fusion, Fission, and Energy Production

bri_daw
Research Program on Spin Polarized Nuclei in Fusion Plasmas

Research Program on Spin Polarized Nuclei in Fusion Plasmas

royce
Investigating Be Dust Generation for Fusion Reactors

Investigating Be Dust Generation for Fusion Reactors

pavel
Advancements in Fusion Reactor Technology: A Comprehensive Overview

Advancements in Fusion Reactor Technology: A Comprehensive Overview

samr_rly
Fusion Science Department Enabling Research Projects 2021-2023

Fusion Science Department Enabling Research Projects 2021-2023

alay_596
Exploring Nuclear Fusion and Stellar Evolution

Exploring Nuclear Fusion and Stellar Evolution

ken_alm
Role of AI in Threat Detection and Zero-day Attacks

Role of AI in Threat Detection and Zero-day Attacks

kacey
Microsoft Access: A Comprehensive Overview

Microsoft Access: A Comprehensive Overview

kayla
Deployment of New Technologies: Insights from Microsoft's Internal IT

Deployment of New Technologies: Insights from Microsoft's Internal IT

maue_hna

More Related Content

The Solomon Project: Advancements in Data Integration and Fusion (2007-2012)
The Solomon Project: Advancements in Data Integration and Fusion (2007-2012)
Understanding Intrusion Detection Systems (IDS) and Snort in Network Security
Understanding Intrusion Detection Systems (IDS) and Snort in Network Security
Overview of GRANDproto Project Workshop on Autonomous Radio Detection
Overview of GRANDproto Project Workshop on Autonomous Radio Detection
Advanced Plasma Control Systems in Fusion Experiments
Advanced Plasma Control Systems in Fusion Experiments
Understanding Cyber Threat Assessment and DBT Methodologies
Understanding Cyber Threat Assessment and DBT Methodologies
Understanding Stereotype Threat in Education
Understanding Stereotype Threat in Education
Modern Threat Modeling & Cloud Systems in OWASP Sacramento
Modern Threat Modeling & Cloud Systems in OWASP Sacramento
Threat Assessment Tabletop Exercise Overview
Threat Assessment Tabletop Exercise Overview
Rootkit Detection with RAI - Practical Challenges and Solutions
Rootkit Detection with RAI - Practical Challenges and Solutions
Understanding Loops in Java Programming
Understanding Loops in Java Programming
Understanding While Loops and Sentinel Loops in Python
Understanding While Loops and Sentinel Loops in Python
Near Real-Time Flood Inundation Mapping Using Sentinel-1 Data During Hurricane Florence
Near Real-Time Flood Inundation Mapping Using Sentinel-1 Data During Hurricane Florence
Understanding Yaesu Fusion and WIRES-X Communication Systems
Understanding Yaesu Fusion and WIRES-X Communication Systems
Understanding Lumbarisation and Sacralisation in Human Spine
Understanding Lumbarisation and Sacralisation in Human Spine
Understanding the Structure and Energy Production of the Sun
Understanding the Structure and Energy Production of the Sun
Understanding Hydrogen Isotope Influence on H-Mode Confinement in Fusion Plasmas
Understanding Hydrogen Isotope Influence on H-Mode Confinement in Fusion Plasmas
Advances in Target Manufacturing for Inertial Confinement Fusion Experiments
Advances in Target Manufacturing for Inertial Confinement Fusion Experiments
Exploring Neutrino Science in Space with Unshielded Detector - Opportunities and Innovations
Exploring Neutrino Science in Space with Unshielded Detector - Opportunities and Innovations
Microsoft Licensing Overview for Education Institutions
Microsoft Licensing Overview for Education Institutions
Integration Landscape at Microsoft: Journey to Azure Logic Apps
Integration Landscape at Microsoft: Journey to Azure Logic Apps
Advanced Persistent Threat Incident Response: Case Study and Insights
Advanced Persistent Threat Incident Response: Case Study and Insights
Understanding Anomaly Detection in Data Mining
Understanding Anomaly Detection in Data Mining
Enhancing Air Quality Monitoring Through Multi-Pollutant Fusion System
Enhancing Air Quality Monitoring Through Multi-Pollutant Fusion System
Depth Profile Analysis of Fusion-Relevant Samples Using LIBS Technique
Depth Profile Analysis of Fusion-Relevant Samples Using LIBS Technique