Microsoft Named a Leader in the 2022 Gartner Magic Quadrant for Security Information and Event Management
Security operations teams are overwhelmed trying to protect their organizations against an onslaught of cyberattacks, including a 92 percent rise in ransomware attacks. Too often, existing security tools are siloed or not designed to meet the needs of today’s hybrid cloud environment. The result is overworked security analysts, unaddressed alerts, and undetected threats. As the threat landscape evolves, protecting today’s hybrid cloud environment requires a comprehensive approach that gives security operations (SecOps) teams the context they need to protect their organization better and faster.
Microsoft Sentinel is a modern, cloud-native security information and event management (SIEM) solution that collects security data from your entire organization. Using hundreds of connectors and AI to help SecOps teams prioritize the most important incidents, Microsoft Sentinel includes user and entity behavior analytics (UEBA) and rich security orchestration, automation, and response (SOAR) capabilities.
Microsoft is named a Leader in the 2022 Gartner Magic Quadrant for Security Information and Event Management and is positioned highest on the Ability to Execute axis. We believe Microsoft’s placement in the Leaders quadrant validates our commitment to empowering our customers with a cloud-native SIEM powered by AI and automation.
It is fulfilling to see the ongoing value our customers realize from Microsoft Sentinel today. iHeartMedia, a multinational entertainment company, chose Microsoft Sentinel for its simplicity, ease of management, and cost efficiency. “One screen shows our analysts the intelligence to alert based on the data it combines from multiple systems, including firewalls, domain controllers, and everything else,” says Janet Heins, Chief Information Security Officer, iHeartMedia.
Another global operation, Pearson VUE, also chose to empower its cybersecurity team with consolidated visibility by migrating to Microsoft Sentinel, while benefitting from reduced infrastructure costs. “I appreciate the collaborative approach Microsoft takes by having its team meet with ours to share advice on implementation details and fast-track issue resolution,” explains Vladan Pulec, Enterprise Architect, Pearson VUE.
Microsoft has continued to make investments in Microsoft Sentinel over the last 12 months, including:
- New data ingestion and transformation capabilities: With in-built normalization schemas, codeless API connectors, and low-cost options for collecting and archiving logs, we’ve made it easier to onboard new data sources.
- Rich SOAR and UEBA capabilities: By leveraging additional UEBA entity pages, reducing response times, and correlating similar alerts to an incident, we’ve helped improve SOC performance.
- Broad ecosystem integration: Connecting existing systems to Microsoft Sentinel is vitally important, and this year we added more than 180 solutions that not only connect data but also provide analytic rules, workbooks, automation playbooks, and more.
Microsoft’s overall vision for protecting customers from threats is unique compared to vendors that only offer a SIEM. Microsoft takes the best of SIEM and combines that with the best of extended detection and response (XDR) to deliver a unified security operations platform—the breadth of coverage only a SIEM can provide and the depth of insight that XDR provides. That means teams using Microsoft security solutions have more context to work from to resolve attacks faster. Customers using our XDR capabilities, such as Microsoft 365 Defender, also receive a discount on their data ingestion into Microsoft Sentinel.