
Microsoft just upgraded Sentinel with an AI-powered data lake - here's how it works


Microsoft is launching a new agentic AI system to help cybersecurity professionals manage and protect their organizations' data, the company said Tuesday.

Microsoft Sentinel, a proprietary Security Information and Event Management (SIEM) platform that debuted in 2019, now comes with a data lake -- that is, a centralized repository that can store structured and unstructured data without any kind of reformatting.


The new-and-improved Sentinel is being promoted by Microsoft as a data organization and aggregation tool that can help cybersecurity teams manage the increasingly vast quantities of data required to build and deploy new AI tools.

The company is also tapping into the cultural cachet surrounding agents, or AI systems that can interact with external digital tools and autonomously perform tasks without explicit prompting from human users.

"This is the paradox of modern security: the more data you have, the harder it becomes to use it effectively," the company said in a press release. "And without unified, long-term visibility, even the most advanced AI models can't deliver to their full potential. Siloed data means missed threats, delayed investigations, and underutilized tools. Microsoft Sentinel data lake was purpose-built to solve this challenge and provides the foundation for agentic defense."

The new data lake -- available now in preview -- provides a single interface within Microsoft Defender through which users can view security data from Sentinel, as well as from other third-party providers. The system uses a built-in AI system to analyze security risks across all of these various sources in real time, flagging potential vulnerabilities and iteratively strengthening an organization's cybersecurity infrastructure over time.

The goal is to provide cybersecurity professionals with a more expansive and fine-grained level of visibility into the full spectrum of their security data, while at the same time automatically taking action to optimize protection from external threats.
