Azure Sentinel Design
Leveraging the power of the LAB3 and Managed Sentinel alliance, we are able to provide the latest in security design thinking (see here for announcement).
Azure Sentinel, a born-in-the-cloud SIEM, was released in preview in February 2019 and reached general availability in September 2019. Analyzing its core components, however, shows that this new product is built from mature components such as Azure Monitor/Log Analytics, Logic Apps/Microsoft Flow, Jupyter Notebooks and the powerful query engine KQL.
The diagram below is a one-page view of the core Azure Sentinel components and how the various parts of a traditional SIEM infrastructure relate to them. We have also included some of the complementary services that are not part of Sentinel itself but are typically used in conjunction with it.
For more information on Azure Sentinel click here.