Microsoft Sentinel

Developed by Community

Overview

Microsoft Sentinel, also known as Azure Sentinel, is a cloud-native security information and event management (SIEM) service offered by Microsoft. It's designed to provide intelligent security analytics at cloud scale for enterprises. Azure Sentinel enables security teams to detect, investigate, and respond to security threats across the organization's entire hybrid environment, including on-premises and multi-cloud environments.

Features

This integration leverages Saviynt APIs and the Microsoft Sentinel Codeless Connector Framework (CCF) to ingest identity events into Microsoft Sentinel.

The Saviynt Identity Security Platform generates audit logs that capture user actions, including changes to SAV roles, global configurations, connections, etc. The Sentinel integration periodically polls these audit events from Saviynt and creates incidents based on pre-defined analytics rules for threat detection.

For additional details about Saviynt APIs, visit the API Reference.

About the Developer

This app was developed by members of the Saviynt Community. Community apps are provided "as is" with troubleshooting and usage guidance available for our core frameworks or connectors (REST, SOAP, JDBC, LDAP, PowerShell, Extensions, Connector Framework or APIs). Customers are encouraged to seek support primarily through community channels. This includes Saviynt forums, user groups, and other community-driven platforms where members can share knowledge.