Microsoft Sentinel

Microsoft Sentinel is a security information and event management (SIEM) solution that helps you uncover and quickly respond to sophisticated threats. Explore case studies, product updates, and best practices to help you strengthen your security and reduce response times.

Refine Results

Filtered by

Clear All

Microsoft Sentinel

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

December 15

16 min read

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and related frameworks.
November 18

9 min read

Ambient and autonomous security for the agentic era

In the agentic era, security must be ambient and autonomous, like the AI it protects. This is our vision for security, where security becomes the core primitive.
November 4

4 min read

Learn what generative AI can do for your security operations center

This new e-book showcases what generative AI can do for your SOC, from reducing alert fatigue and enabling quicker triage to getting ahead of cyberattacks with proactive threat hunting, and more.
October 21

5 min read

The new Microsoft Security Store unites partners and innovation

The Microsoft Security Store is the gateway for customers to easily discover, buy, and deploy trusted security solutions and AI agents from leading partners.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Learn more
October 16

5 min read

Microsoft named a Leader in the 2025 Gartner® Magic Quadrant™ for SIEM

We’re honored to share that Microsoft has again been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).
October 14

4 min read

Microsoft raises the bar: A smarter way to measure AI for cybersecurity

ExCyTIn-Bench is Microsoft’s newest open-source benchmarking tool designed to evaluate how well AI systems perform real-world cybersecurity investigations.
October 9

12 min read

Investigating targeted “payroll pirate” attacks affecting US universities

Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts, attacks that have been dubbed “payroll pirate”.
September 30

5 min read

Empowering defenders in the era of agentic AI with Microsoft Sentinel

Microsoft Sentinel is expanding into an agentic platform with general availability of the Sentinel data lake, and the public preview of Sentinel graph and Sentinel Model Context Protocol (MCP) server.
Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Get started
September 25

13 min read

XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Microsoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications.
September 24

4 min read

Retail at risk: How one alert uncovered a persistent cyberthreat

In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations.
September 18

5 min read

Microsoft Defender delivered 242% return on investment over three years

The latest 2025 commissioned Forrester Consulting Total Economic Impact™ (TEI) study reveals a 242% ROI over three years for organizations that chose Microsoft Defender.
July 22

20 min read

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers.

Microsoft Sentinel

Filtered by

Refine results

Modernize your Security Operations Center with Microsoft Sentinel

Retain Microsoft Security Experts

Get started with Microsoft Security