skip to main content


Microsoft's development of its security offerings has, until now, been designed to reinforce the appeal, first of its operating system, database, and office productivity software and more recently of its cloud services.


  • Most significantly, in the run-up to the recent RSA Conference on cybersecurity, held in San Francisco March 4‒7, 2019, the company launched Azure Sentinel, a security incident and event management (SIEM) platform it is offering as a cloud-based service, and a managed threat-hunting service called Microsoft Threat Experts.

Features and Benefits

  • Explains how Microsoft's thinking about security is evolving.
  • Describes where the company has the best chance of disrupting the market.

Key questions answered

  • What is going on in the SIEM market and how does this favor Microsoft in this segment?
  • Why is Microsoft going more heterogeneous in its security offerings?

Table of contents


  • Catalyst
  • Ovum view
  • Key messages


  • Recommendations for enterprises

Microsoft has security platforms and partnerships

  • Microsoft offers technology in four areas of security
  • Beyond that, Microsoft is building a security partner ecosystem


  • Active Directory is a market-leading directory
  • Authentication fills out its IAM requirements
  • Microsoft Cloud App Security is the company's CASB

Threat protection

  • Microsoft Threat Protection unites the ATP products

Information protection

  • Data at rest, in motion, and in use is all protected
  • The platform provides discovery, classification, protection, and monitoring
  • Microsoft Cloud App Security helps with information protection

Security management

  • Azure Security Center combines CSPM and CWPP
  • CASB contributes to security management
  • Secure Score helps raise awareness and visibility

Further opportunities in security management

  • SIEM is a market in transformation
  • Azure Sentinel is a cloud-based SIEM service
  • Microsoft Threat Experts comes with a panic button
  • Both new services are designed to be labor saving

Expect to see Microsoft raise its profile in security

  • Mobile security shows where Microsoft is going

Partial Azure shops are in scope for a security play

  • Hybrid and multicloud environments are the target


  • Author