How Microsoft Sentinel is tackling the AI cybersecurity era

"In its latest step toward that goal, the tech giant announced Tuesday that it has upgraded Sentinel -- a Security Management and Events Incidents (SIEM) platform designed to help cybersecurity professionals track and respond to threats. The platform is now more agentic, or capable of taking action autonomously without meticulous human oversight.

The upgrades (and what they do)

The first upgrade announced Tuesday has to do with the approach that Sentinel takes in its response to cyberthreats."
"According to Microsoft, the platform now operates according to what's known in the cybersecurity industry as 'graph-based' context. Just as any point on a Cartesian graph can be plotted with precise coordinates along multiple axes, a graph-based cybersecurity response system breaks a computer network down into a unified system of interconnected digital pathways, so that a threat that pops up in any particular node can be assessed according to its relationship and interconnectivity with all the others."
AI is creating new cybersecurity threats while also enabling novel defensive tools. Microsoft upgraded Sentinel, a SIEM platform, to operate more agentically and take autonomous actions with reduced human oversight. Sentinel now uses graph-based context that represents networks as interconnected pathways so threats can be evaluated by relationships among nodes. Graph-based capabilities allow plotting threat pathways backward and forward in time to trace movement and anticipate future activity. These graph-based abilities are designed to work with Security Copilot agents to enable automated detection, contextual analysis, and coordinated responses across systems. The upgrades aim to help cybersecurity teams respond more quickly and autonomously during the industry's transition to AI-driven security operations.
Read at ZDNET