Microsoft Sentinel benefit for Microsoft 365 E5 customers

Customers with Microsoft 365 E5 can now benefit from free Azure credits for up to 100MB per user/month of data ingestion into Microsoft Sentinel (previously known as Azure Sentinel).

This recent announcement is welcome news: the benefit was previously offered as a time-limited promotion, but Microsoft have now announced that it will be perpetually available to Microsoft 365 E5* customers. Microsoft estimates that this benefit will save organisations with a ‘standard’ 3,500 user deployment approximately $1,500 per month.

*Note: we are waiting to hear whether this also applies to E5 Security add-on customers.

For those considering Microsoft Sentinel as their SIEM/SOAR platform, this benefit makes it possible to evaluate the platform at reduced cost. For those already using Microsoft Sentinel, it will help reduce monthly data ingestion costs, with the offer being permanently available as an added value.

Example data sources that can be included in this offer are:

  • Azure AD sign-in logs
  • Microsoft Defender for Cloud Apps (previously MCAS) shadow IT logs
  • Microsoft Defender for Endpoint logs

Meanwhile, there are many Microsoft sources that can be ingested free of charge with Microsoft Sentinel, such as:

  • Office 365 audit logs
  • Microsoft Defender product alerts (Azure Defender & Microsoft 365 Defender)

With the free ingestion sources and this perpetual benefit, Microsoft is making it more appealing for customers to unify their security solutions within the Microsoft cloud, and is incentivising a cloud-first security approach.

Integrated XDR & cloud native SIEM/SOAR

By combining the powerful extended detection and response (XDR) capabilities within Microsoft 365 Defender with Microsoft Sentinel, organisations benefit from integrated XDR and SIEM capabilities. This provides key benefits, such as enhanced threat detection with extensive threat visibility and integrated remediation capabilities that can help security analysts respond to and remove advanced threats across your environment.

Microsoft 365 Defender includes:

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Office 365
  • Microsoft Defender for Cloud Apps (previously known as Microsoft Cloud App Security – or MCAS)

Microsoft 365 Defender is included within Microsoft 365 E5 and also within the E5 Security add-on (alongside Azure AD Plan 2). At the moment, Microsoft have not confirmed whether the Sentinel offer extends to the E5 Security add-on, but we will be following the announcements and will provide an update when we hear confirmation.

You can read Microsoft’s announcement on this here.

Zero Trust security with Microsoft

If you have started or are considering using Microsoft technologies to support your Zero Trust security transformation and need support, we have the experience and expertise to help. Through our proven Microsoft 365 security and compliance roadmap and ongoing Managed Detection & Response (MDR) services delivered by our 24/7/365 UK-based CSOC, we help organisations embrace innovative security using Microsoft’s security toolsets. Get in touch to find out more.