Microsoft Sentinel capabilities
Collect data at cloud scale
Easily connect your logs with Microsoft Sentinel using built-in data connectors—across all users, devices, apps, and infrastructure—on-premises and in multiple clouds.
Stay ahead of threats
Gain more contextual and behavioral information for threat hunting, investigation, and response using built-in entity behavioral analytics and machine learning.
Streamline investigation with incident insights
Visualize full scope of an attack, investigate related alerts, and search historical data.
Accelerate response and save time by automating common tasks
Triage incidents rapidly with automation rules and automate workflows with built-in playbooks increasing security operations center (SOC) efficiency.