Microsoft Enhances Sentinel: Introduces Security Copilot, Sentinel Graph, and Expands SIEM Capabilities

Microsoft's Sentinel gets smarter with new tools. A Dutch bank is using it to connect security data and stay ahead of threats.

Microsoft has enhanced its Sentinel platform, a unified security tool that combines data from Microsoft and third-party sources. ABN Amro, a Dutch bank, is leveraging Sentinel to break down data silos and bolster its security stance.

The updates to Microsoft Sentinel include the introduction of Security Copilot. This new feature allows users to build and launch agents using a no-code builder and supports coding platforms. Security Copilot agents, created by Microsoft and partners, are now available in the Microsoft Security Store, enabling easy discovery, purchase, and deployment.

Sentinel Graph, another new tool, provides context to security tools by tracing attack paths, assessing impact, and helping teams prioritize responses. Microsoft is also extending Sentinel's SIEM platform to unify analytics and orchestrate security agents. The Sentinel MCP Server connects to agents, offering AI-powered reasoning over unified data and simplifying access to data sources.

Microsoft is collaborating with partners like Workday to offer Security Copilot agents in the Microsoft Security Store. This store enables the discovery, purchase, and deployment of agents developed by Microsoft and partners for specific security scenarios, such as phishing triage and access review. Additionally, Microsoft is integrating Sentinel insights with Defender threat detection and Purview data governance platforms.

With these updates, Microsoft Sentinel now serves as both a SIEM and a comprehensive security platform, offering open integration, multi-cloud coverage, and natural language workflows. ABN Amro's use of Sentinel demonstrates the platform's potential for eliminating silos and building a proactive security posture.
