Azure is adding new features day by day, so the change rate is being so fast, and one of them is Azure Sentinel. Many people confuse Sentinel with ASC, at first glance both products look quite similar, both secure Azure subscription and both must be included in a cybersecurity perspective.
Meanwhile ASC collects and detect data in Azure, Sentinel adds to these functionalities Investigate and Respond
ASC gives recommendations regarding Azure security to:
- Get Secure faster & Strength your security posture
- Protect against threats
While Sentinel, which is considered a SIEM, delivers intelligent security analytics and threat intelligence across Azure (including AAD)
- Collect al type of data (users, devices, applications, etc…), you can ingest a lot of information, even from external systems like AWS (workbooks are supergreat!)
- detect previously undetected threats and minimize false positive
- Investigate threats with artificial intelligence and hunt those threats
- respond to incidents rapidly
In conclusion, both products works better together, so if have some word regarding your enterprise security, give a try to sentinel and ASC.