Microsoft Introduces Ransomware Detection To AI-Powered Azure Sentinel Management Tool
Ransomware infections have been on the rise lately, affecting companies like Gigabyte or, more famously, Kaseya. Subsequently, the fight against the ransomware plague needs to meet and exceed threat actors’ efforts, and Microsoft is looking to help. In collaboration with the Microsoft Threat Intelligence Center, ransomware detection is being built into the Azure Sentinel security information and event management (SIEM) tool.
Azure Sentinel is an AI-assisted tool that analyzes copious amounts of data to detect and investigate threats on-premises and in the cloud. It is also helped by something called Fusion, a machine learning system used to “correlate different alerts and contextual signals together,” and assess patterns “that reveal attack progression or signals with shared contextual information.”
Though preventing a ransomware attack entirely would be ideal, that can be an incredibly difficult task with large networks. Thus, settling for acceptable casualties in an environment is the way to go, and Azure Sentinel will now help keep damage to a minimum with ransomware detection.
