SIEM construction support service for Azure Sentinel, available from November 2nd

SB Technology Corp. (Headquarters: Shinjuku-ku, Tokyo, President ＆ CEO: Shinichi Ata, hereinafter referred to as SBT) has announced the launch of Azure Sentinel, a cloud-native SIEM *1 solution provided by Microsoft Japan Co., Ltd. (hereinafter referred to as Microsoft). We are pleased to announce that we will start providing the ``SIEM construction support service for Azure Sentinel'' from November 2nd, which provides implementation support.

■Click here for details on "SIEM construction support service for Azure Sentinel".
https://www.softbanktech.co.jp/service/list/microsoft-azure/azure-sentinel/

Azure Sentinel is a cloud-native security operation solution with the following three main features:

• SIEM functionality
  Detect threats by centrally managing all event logs and performing correlation analysis
• SOAR *2 function
  Achieving automation of operations from integrating various threat information to incident handling
• UEBA *3 function
  By analyzing the behavior of people (Users) and things (Entities), we discover abnormal behaviors that those people (things) do not normally take.

By using Azure Sentinel, you can speed up alert detection, analysis, and response to security incidents, and automate operations.

On the other hand, starting to use Azure Sentinel requires knowledge and know-how regarding security, such as setting rules for log collection and analysis and building SOAR for operational automation. Therefore, it may be difficult for companies without dedicated security staff to implement it on their own.
``SIEM construction support service for Azure Sentinel'' organizes the tasks necessary for initial construction, such as log collection and alert rules, into a menu and smoothly performs various settings. We will also provide training so that companies can operate it themselves. We also plan to provide operational support services necessary to continue using Azure Sentinel. (Started offering in January 2021).

■ Background

According to Mick Economic Research Institute's "Current Status and Prospects of the Information Security Managed and Cloud Service Market 2020 Edition," sales of SIEM operation services were 2.55 billion yen in 2019, 130.8% compared to the previous year, and the same in 2020. It is expected to be 3.15 billion yen, an increase of 123.5%. Since around 2016, the number of companies installing CSIRTs and private SOCs has increased significantly, and in doing so, they are often introducing SIEMs to collect and analyze logs from increasingly complex security devices and software. Under these circumstances, there are many cases where it is not possible to operate SIEM in-house, so the use of operation services is expanding.
Azure Sentinel not only has SIEM functions, but also automation using SOAR functions suitable for in-house operations, and log analysis from a compliance perspective such as attendance analysis by using UEBA functions, which has a wider range than conventional security measures. analysis is possible.

• *1 SIEM: Security Information and Event Management
• *2 SOAR: Security Orchestration, Automation and Response
• *3 UEBA: User and Entity Behavior Analytics

■ Endorsement
We have received comments from Microsoft Japan Co., Ltd. regarding the launch of this service.

We sincerely welcome the launch of SB Technology Corp. 's ``SIEM construction support service for Azure Sentinel.'' As many companies shift to new ways of working to accommodate the new normal, they are facing new security challenges. Azure Sentinel intelligently analyzes security across the enterprise and uses AI to reduce the burden on users in security operations, while retaining the usefulness of the cloud.
We are confident that SB Technology Corp. 's cloud technology will enable us to implement new security measures in response to the new normal by providing the optimal architecture tailored to customer issues.
Microsoft Japan will continue to support customers' security measures through collaboration with SB Technology Corp.

Microsoft Japan Co., Ltd. Partner Business Headquarters Deputy Business Headquarters Executive Officer Sadao Kondo

SBT will continue to contribute to customer companies' DX promotion and new business creation by utilizing cutting-edge technologies such as cloud, IoT, and AI, with the aim of realizing a rich information society for the new normal era. .

■ Security services that combine SBT 's strength in cloud knowledge
SBT 's security business mission is to "realize Cyber Resilience together with our customers," and we provide a variety of security services. In order to minimize the damage caused by incidents without stopping the customer's system, and to speed up the recovery of the main business (services and systems), we do not only introduce security equipment and services, but also analyze and contain threats. services), security consulting, and CSIRT construction support services.

• *Microsoft and Azure are registered trademarks or trademarks of Microsoft Corporation in the United States and other countries.