Advanced threat detection and response services aimed at Azure

Trustwave has launched services to bolster threat monitoring, detection and response natively in Microsoft Azure. As a preferred global managed security services provider (MSSP) partner, Trustwave is offering consulting and professional services and advanced threat detection and response services for Microsoft Azure to help enterprises address the growing complexities of securing cloud and multi-cloud environments through enhanced incident identification and countermeasures.


Trustwave Threat Detection and Response services for Microsoft Azure integrate with Microsoft Azure Sentinel, a cloud-native security information and event management (SIEM) solution, and Microsoft Defender Advanced Threat Protection. Data from users, devices and applications is continuously collected and fed to Trustwave security analysts, who inspect it for malware, rogue code, behavioral anomalies and other indicators of malicious activity. Leveraging the Microsoft Security Graph application programming interface (API), Trustwave ingests only the data that is needed, for optimal efficiency and to abide by any data privacy restrictions.


In addition to 24x7 threat monitoring and alerts, an advanced option for Microsoft Defender Advanced Threat Protection clients immediately escalates a detected incident to a full-scale digital forensic investigation and/or threat hunt, initiating triage or active "seek and destroy" missions to purge adversaries or other dangers from environments.

"As enterprises continue to move operations to cloud and hybrid cloud environments, detecting and responding to threats has become increasingly challenging as the attack surface expands and the sheer amount of new security technologies to comprehend grows," said Chris Schueler, senior vice president of managed security services at Trustwave. "Our integration with Microsoft layers powerful threat detection and response capabilities onto Microsoft Azure and leverages elite security experts to analyze data flows, identify irregularities and jump into action when needed."

Trustwave Threat Detection and Response for Microsoft Azure is delivered through the Trustwave Fusion platform, a cloud-native platform that unifies data from Microsoft Azure, endpoints, networks and multi-cloud environments across an organization's entire footprint with the Trustwave data lake, actionable threat intelligence and an elite team of security specialists.

Key benefits for Microsoft Azure customers include:

  • Full threat visibility and centralized control - The Trustwave Fusion platform offers a single view of threats, technology management, vulnerabilities and perceived risks across an organization's environment. An intuitive dashboard serves to track security events, respond to alerts and launch advanced countermeasures based on data from Microsoft Azure Sentinel and Microsoft Defender Advanced Threat Protection. Microsoft Azure and non-Microsoft assets are supported for enterprises with diverse security vendor technologies and multi-cloud environments.
  • Access to elite security expertise and global threat intelligence - Threat Detection and Response for Microsoft Azure is led by Trustwave SpiderLabs, a renowned team of threat hunters, ethical hackers, digital forensic investigators and other highly skilled security practitioners. This team cross-references threat intelligence from Microsoft Defender Advanced Threat Protection, the Trustwave network of global security operation centers (SOCs) and outside sources to gain insights on new threats and apply the appropriate response as required.
  • World-class consulting for deployment and optimization - The Trustwave Consulting and Professional Services team delivers upfront setup, configuration and continuous fine-tuning for Microsoft Azure Sentinel and Microsoft Defender Advanced Threat Protection based on enterprise risk tolerance and needs. After deployment, these specialized experts provide policy and rule management monitoring to help ensure the security elements of Microsoft Azure are operating at peak efficiency.

"Microsoft welcomes the opportunity to partner with an innovative MSSP like Trustwave and build the future of intelligent security together," stated Scott Woodgate, Sr. Director, Azure Security, Microsoft. "Trustwave's strong threat detection and response expertise paired with Microsoft's cloud native tools will enable customers to build a more proactive answer to incident response."
