Microsoft Security Solutions Flashcards
What is SIEM?
Security information and event management (SIEM) is a tool that collects data from your IT system (infrastructure, software, and resources). It does analysis, looks for correlations or anomalies, and generates alerts and incidents.
What is SOAR?
Security orchestration automated response (SOAR) is a system that takes alerts from many sources, such as a SIEM system. It then triggers action-driven automated workflows and processes to run security tasks that mitigate the issue.
What is Microsoft Sentinel?
A scalable, cloud-native SIEM/SOAR/XDR solution.
It delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for attack detection, threat visibility, proactive hunting, and threat response.
What is XDR?
Extended detection and response (XDR) is a system designed to deliver intelligent, automated, and integrated security across an organization’s domain.