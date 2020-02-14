MSSP’s service will now includes Microsoft’s SIEM capabilities

CriticalStart is incorporating Microsoft Azure’s Sentinel security technology into its managed detection and response (MDR) service.

The Lowdown: The Plano, Texas-based managed security services provider (MSSP) said this week that the Azure Sentinel security information and event management (SIEM) system is now part of its platform, which is designed to resolve every security alert for its customers.

The Details: CriticalStart’s MDR offering uses a trusted behavior registry to investigate very alert created, classify them, and then resolve them. A key goal is to reduce the number of instances of false positives, which can overwhelm security teams. Through its CyberSOC service delivery platform, the MSSP, which sells entirely through the channel, is able to decrease such incidents by 99.9%, according to officials.



Azure Sentinel, released last year, comes in with the ability to collect security data across the entire enterprise, whether the business is on premises, in the cloud, or in a mixture of both. Leveraging artificial intelligence (AI) techniques, the SIEM technology gathers threat information data from users and devices to applications and infrastructures. The tool analyzes trillions of signals per day.



Taking advantage of Azure Sentinel in CriticalStart’s MDR service, enterprises can reduce infrastructure costs by as much as 60% and leverage pay-as-you-go pricing. They also for free can ingest data from Microsoft Office 365.

The Impact: With the growing number and sophistication of cyber-threats in a highly decentralized IT world of clouds, mobile devices, the edge, and the Internet of Things (IoT), MDR services – which can include threat detection, threat hunting, response, and remediation – are getting a lot of attention. A report from Reports and Data said the MDR market will reach more than $4.6 billion by 2026.

The Buzz: “We’re pleased to offer customers access to best-in-class security solutions,” CriticalStart CTO Randy Watkins said. “Microsoft Azure Sentinel enables security operations teams to enhance the security posture of our customers benefitting from the power of the Microsoft platform.”



“Customers want clarity, visibility, and help in prioritizing what security alerts are most important,” said Ann Johnson, corporate vice president of Microsoft’s Cybersecurity Solutions Group. “With the power and scale of Microsoft Azure Sentinel, combined with CriticalStart’s MDR services, we can further empower an organization’s ability to streamline and simplify their security operations.”