- Microsoft has made its Sentinel Security Incidents and Event Management (SIEM) solution a unified platform with the general release of Sentinel data lake.
- Sentinel Graph and Sentinel Model Context Protocol (MCP) server are now in public preview to enhance security data integration and AI agent development.
- Sentinel data lake collects and analyzes diverse security data to enable AI models like Security Copilot to detect threats more effectively.
- The platform improves detection by linking data through graph-based relationships and integrates with other Microsoft security tools.
- Microsoft will strengthen protections for AI agents against prompt injection attacks using updates to Azure AI Foundry.
Microsoft announced on Tuesday the full availability of its Sentinel data lake, enhancing its Sentinel Security Incidents and Event Management (SIEM) solution into a unified and agentic platform. Alongside this, the company introduced a public preview of the Sentinel Graph and the Sentinel Model Context Protocol (MCP) server to improve threat detection and AI agent orchestration.
The Sentinel data lake, which entered public preview in July, is designed as a cloud-based tool to ingest, manage, and analyze security data from multiple sources. Microsoft stated this feature supports building an agentic defense by providing AI models, such as Security Copilot, with the full context needed for identifying subtle attack patterns and producing high-confidence alerts.
Vasu Jakkal, corporate vice president at Microsoft Security, explained that Sentinel uses graph-based context and semantic access to assemble comprehensive security signals in one platform. She noted that “Sentinel ingests signals, either structured or semi-structured, and builds a rich, contextual understanding of your digital estate through vectorized security data and graph-based relationships.” The integration with Defender and Purview allows teams to trace attacks, understand their impact, and prioritize responses within familiar workflows.
Microsoft highlighted that the expansion enables security teams to investigate attacker behavior over historical data and automate detections based on current threat methods. They also emphasized Sentinel’s role in shifting Cybersecurity approaches from reactive to predictive by organizing and enriching security data at scale.
The company further announced that users can now develop Security Copilot agents tailored to their organizational workflows using the Sentinel MCP-enabled coding platform, such as Visual Studio Code with GitHub Copilot integration.
Additionally, Microsoft expressed the importance of securing AI platforms from prompt injection attacks, a vulnerability where malicious input can manipulate AI responses. The firm plans to enhance its Azure AI Foundry to provide stronger protections for AI agents against these types of risks.
For more information, see here, here, and here.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- SWIFT Teams With 30+ Banks for Blockchain-Based Ledger Payments
- Trump to Announce Pfizer Deal for Cheaper Medicaid Drug Prices
- Republic to Tokenize Animoca Brands Equity on Solana Blockchain
- Google Patches Gemini AI Vulnerabilities Exposing User Data
- BRICS May Announce New Common Currency at 2026 Delhi Summit
