Microsoft Sentinel is a cloud-native SIEM and SOAR solution that allows detection and hunting for actionable threats. It offers various ways to import threat intelligence data and use it in different parts of the product such as threat hunting, investigation, analytics, and workbooks.
Sectrio Threat Intelligence feeds are built for intervention and enable users to gain comprehensive, actionable insights and visibility into cyber threats targeting their business. The feeds offer curated and up-to-the-minute IoT and OT threat intelligence in supported formats such as STIX 2.0 and 2.1 and served through TAXII 2.0 and TAXII 2.1. The feeds are generated from Sectrio’s global honeypot networks spanning over 75 locations across the globe and constitute the result of a comprehensive analysis covering over 12 million daily threat samples generated from – OT and IoT ecosystem.
Through the integration between Microsoft Sentinel and Sectrio Threat Intelligence, businesses across a range of industries can now look forward to improved threat visibility and detecting attack vectors that target non-traditional IT such as OT and IoT. This integration will also enable businesses to adopt more robust security measures leveraging the MITRE ATT&CK framework thereby making it easier for Security teams to manage their incident response efficiently focused on their critical Infrastructure.