MSSP’s service will now include Microsoft’s SIEM capabilities
CriticalStart is incorporating Microsoft Azure’s Sentinel security technology into its managed detection and response (MDR) service.
The Lowdown: The Plano, Texas-based managed security service provider (MSSP) said this week that the Azure Sentinel security information and event management (SIEM) system is now part of its platform, which is designed to resolve every security alert for its customers.
The Details: CriticalStart’s MDR offering uses a trusted behavior registry to investigate alerts, classify them, and then resolve them. A key goal is to reduce the number of instances of false positives, which can overwhelm security teams. Through its CyberSOC service delivery platform, the MSSP, which sells entirely through the channel, is able to decrease such incidents by 99.9%, according to officials.
Azure Sentinel, released last year, comes in with the ability to collect security data across the entire enterprise, whether the business is on premises, in the cloud, or a combination of both. Leveraging artificial intelligence (AI) techniques, the SIEM technology gathers threat information data from users and devices to applications and infrastructures, analyzing trillions of signals per day.
Taking advantage of Azure Sentinel in CriticalStart’s MDR service, enterprises can reduce infrastructure costs by as much as 60% and leverage pay-as-you-go pricing. They also can ingest data from Microsoft Office 365 at no cost.
The Impact: With the growing number and sophistication of cyberthreats in a highly decentralized IT world of clouds, mobile devices, the edge, and the Internet of Things (IoT), MDR services – which can include threat detection, threat hunting, response, and remediation – are getting a lot of attention. A report from Reports and Data said the MDR market will reach more than $4.6 billion by 2026.
The Buzz: “We’re pleased to offer customers access to best-in-class security solutions,” said CriticalStart CTO Randy Watkins. “Microsoft Azure Sentinel enables security operations teams to enhance the security posture of our customers benefiting from the power of the Microsoft platform.”
“Customers want clarity, visibility, and help in prioritizing what security alerts are most important,” said Ann Johnson, corporate vice president of Microsoft’s Cybersecurity Solutions Group. “With the power and scale of Microsoft Azure Sentinel, combined with CriticalStart’s MDR services, we can further empower an organization’s ability to streamline and simplify their security operations.”