You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/microsoft-sentinel-defender-portal.md
+4-8Lines changed: 4 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Learn about the Microsoft Sentinel experience when you onboard Micr
4
4
author: batamig
5
5
ms.author: bagol
6
6
ms.topic: conceptual
7
-
ms.date: 07/13/2025
7
+
ms.date: 06/22/2025
8
8
appliesto:
9
9
- Microsoft Sentinel in the Microsoft Defender portal
10
10
ms.collection: usx-security
@@ -16,15 +16,11 @@ ms.collection: usx-security
16
16
17
17
# Microsoft Sentinel in the Microsoft Defender portal
18
18
19
-
Microsoft Defender provides a unified cybersecurity solution that integrates endpoint protection, cloud security, identity protection, email security, threat intelligence, exposure management, and SIEM into a centralized platform powered by a modern data lake. It uses AI-driven defense to help organizations anticipate and stop attacks, ensuring efficient and effective security operations.
19
+
Microsoft Defender provides a unified cybersecurity solution that integrates endpoint protection, cloud security, identity protection, email security, threat intelligence, exposure management, and SIEM into a centralized platform. It uses AI-driven defense to help organizations anticipate and stop attacks, ensuring efficient and effective security operations.
20
20
21
21
Microsoft Sentinel is generally available in the Microsoft Defender portal, either with [Microsoft Defender XDR](/microsoft-365/security/defender), or on its own, delivering a unified experience across SIEM and XDR for faster and more accurate threat detection and response, simplified workflows, and enhanced operational efficiency.
22
22
23
-
This article describes the Microsoft Sentinel experience in the Defender portal.
This article describes the Microsoft Sentinel experience in the Defender portal. We recommend that customers using Microsoft Sentinel in the Azure portal move into Microsoft Defender to take advantage of the unified security operations available and the latest capabilities. For more information, see [Transition your Microsoft Sentinel environment to the Defender portal](move-to-defender.md).
28
24
29
25
30
26
## New and improved capabilities
@@ -40,7 +36,7 @@ The following table describes the new or improved capabilities available in the
40
36
|**Enhanced visibility and reduced risk exposure**| Analyze attack paths to see how a cyber attacker could exploit vulnerabilities. Use guided SOC optimization recommendations to reduce costs and exposure, and prioritize actions based on potential impact. | - [Optimize your security operations](soc-optimization/soc-optimization-access.md)<br><br>- [Use SOC optimizations programmatically](soc-optimization/soc-optimization-api.md)<br><br>- [SOC optimization reference of recommendations](soc-optimization/soc-optimization-reference.md)|
41
37
|**Tailored post-incident recommendations**| Prevent similar or repeat cyberattacks with tailored recommendations tied to Microsoft Security Exposure Management initiatives. |[Microsoft Security Exposure Management for enhanced security posture](/unified-secops-platform/overview-msem-strategy)|
42
38
|**Cost and data optimization**| Customers can access both Microsoft Sentinel and Defender XDR data in a unified and consistent schema in the Defender portal. <br><br>Advanced hunting raw logs are available for 30 days for hunting free of charge without needing to ingest them into Microsoft Sentinel. |[What to expect to for Defender XDR tables streamed to Microsoft Sentinel](/defender-xdr/advanced-hunting-microsoft-defender#what-to-expect-for-defender-xdr-tables-streamed-to-microsoft-sentinel)|
43
-
|**Unified, cost-effective data lake**| Improve costs and scale with simplified data onboarding, dynamic recommendations, robust out of the box solutions, and a centralized, cost-effective data lake, enabling enterprise-wide visibility. |[What is Microsoft Sentinel data lake (Preview)](graph/sentinel-lake-overview.md)|
39
+
44
40
## Limited or unavailable capabilities with Microsoft Sentinel only in the Defender portal
45
41
46
42
When you onboard Microsoft Sentinel to the Defender portal without Defender XDR or other services enabled, the following capabilities are limited or unavailable:
0 commit comments