News

New Microsoft Security Releases Aim To Smooth the Road to Zero Trust

• By Gladys Rama
• July 12, 2024

IT teams often juggle multiple tools to monitor and maintain the security of their environments. Two new products released by Microsoft this week aim to consolidate their toolboxes and help organizations achieve zero trust faster.

Now generally available are the Microsoft Entra Suite, which promises to combine network security and identity management on a single platform; and Microsoft Sentinel integration with the Microsoft Defender portal, which adds security information and event management (SIEM) capabilities to Microsoft's broader unified security operations platform.

The general availability of both products helps "simplify the implementation of a Zero Trust architecture across the full lifecycle from prevention to detection and response," Microsoft said in a blog post Thursday.

Microsoft Entra Suite
The Microsoft Entra Suite "unifies identity and network access security," per Microsoft. Combining both of those functions makes achieving a zero trust environment more streamlined, the company argues, as organizations have fewer security tools to manage. Entra Suite can potentially replace traditional legacy security solutions, including VPNs and secure Web gateways.

Entra Suite lets IT teams extend conditional access policies to every application in their network, whether it's on-premises or in the cloud, from a single pane of glass. It enforces least-privilege access at all times and, for end users, provides single sign-on and passwordless authentication.

The suite combines the following five existing Entra solutions:

• Microsoft Entra Private Access
• Microsoft Entra Internet Access
• Microsoft Entra ID Governance
• Microsoft Entra ID Protection
• Microsoft Entra Verified ID

"This new offering advances our vision for the Microsoft Entra product line that can serve as a universal trust fabric for the era of AI, securely connecting any trustworthy identity with anything, from anywhere," Microsoft said in a separate blog post.

Microsoft Sentinel on the Microsoft Defender Portal
Microsoft also announced the general availability of integration between Sentinel, its cloud-based SIEM product, with the Microsoft Defender security suite. Like the Entra Suite, this release aims to condense the number of threat detection tools that organizations typically use.

"According to our research, organizations use as many as 80 individual tools in their security portfolio," Microsoft said. "For many, this means having to manually manage integration between their security information and event management (SIEM); security orchestration, automation, and response (SOAR); extended detection and response (XDR); posture and exposure management; cloud security; and threat intelligence."

The Sentinel-Defender integration helps alleviate that tool sprawl, Microsoft argues. Sentinel workspaces can now be accessed via Defender, essentially combining the alerting and reporting capabilities of the former with the threat hunting capabilities of the latter.

This Microsoft blog provides more details about the integration, as well as setup instructions.

Microsoft said both general availability releases are designed to help organizations establish a "proactive zero trust strategy."

"While individual tools are typically used to fulfill requirements across each Zero Trust pillar, a truly comprehensive strategy connects them together through a centralized access policy engine and integrated threat protection," the company said.