Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: Azure Monitor
Azure Monitor is one of the Microsoft Azure cloud services. It provides a single source for monitoring Azure resources/services. It allows users to view, query, route, archive, and take actions on metrics and logs collected from different Azure resources/services.
Netsurion's Open XDR platform integrates with Azure Monitor, collects logs from Azure Monitor, and creates detailed reports, alerts, dashboards, and saved searches. These attributes of Netsurion's Open XDR platform help users view the critical and important information on a single platform.
Reports contain a detailed overview of the activities that are associated with virtual machines, audit events such as authorization to services, and events that are performed by users with administrative privileges.
Alerts are provided as soon as any critical event is triggered by Azure Monitor. With alerts, users can get notifications about real-time occurrences of events such as failed authentication while accessing Azure services, and security events such as detection of a trojan.
Visual/graphical representations, i.e. dashboards, consist of events such as administrative operations by source IP, security events by event name such as antimalware action taken, number/percentage of events available in each category, Azure resources attacked by an adversary, etc.
After Azure Monitor is configured to deliver events to Netsurion's Open XDR platform, the dashboards and reports can be configured in Netsurion's Open XDR platform.
Some of the Data Source Integrations available in Netsurion are listed below.
The configuration details are consistent with Netsurion's Open XDR platform version 9.x or later, and Microsoft Azure Platform.
Download the Integration Guide and How-to Guide for more information and configuration instructions.