A person pointing at a screen on the wall.

When your team is two steps ahead, security is innovation

Protect your organization from threats across devices, identities, apps, email, data, and cloud workloads.

Our product names have changed

Learn more about Microsoft Sentinel (formerly Azure Sentinel) and Microsoft Defender for Cloud (formerly Azure Defender).

Stop breaches across your entire organization

Secure all clouds, all platforms

Protect Azure, AWS, and Google Cloud as well as Windows, Mac, Linux, iOS, Android, and IoT platforms.

Get leading integrated security tools

Prevent, detect, and respond to attacks with built-in unified experiences and end-to-end XDR capabilities.

Empower rapid response

Help your security operations team resolve threats faster with AI, automation, and expertise.

An investigation in Microsoft Sentinel including multi-colored circles connected by arrows.

Microsoft Sentinel

Get a bird’s-eye view across the enterprise with the cloud-native security information and event management (SIEM) tool from Microsoft. Aggregate security data from virtually any source and apply AI to separate noise from legitimate events, correlate alerts across complex attack chains, and speed up threat response with built-in orchestration and automation. Eliminate security infrastructure setup and maintenance, elastically scale to meet your security needs, and reduce costs with the flexibility of the cloud.

Microsoft 365 Defender dashboard highlighting active incidents, active threats and more.

Microsoft 365 Defender

Prevent and detect attacks across your identities, endpoints, apps, email, data, and cloud apps with XDR capabilities. Investigate and respond to attacks with out-of-the-box, best-in-class protection. Hunt for threats and easily coordinate your response from a single dashboard.

An investigation in Microsoft Defender for Cloud showing a human operated ransomware attack.

Microsoft Defender for Cloud

Protect your multi-cloud and hybrid cloud workloads with built-in XDR capabilities. Secure your servers, databases, storage, containers, and IoT devices. Focus on what matters most with prioritized alerts.

An investigation in Microsoft Sentinel including multi-colored circles connected by arrows.

Microsoft Sentinel

Get a bird’s-eye view across the enterprise with the cloud-native security information and event management (SIEM) tool from Microsoft. Aggregate security data from virtually any source and apply AI to separate noise from legitimate events, correlate alerts across complex attack chains, and speed up threat response with built-in orchestration and automation. Eliminate security infrastructure setup and maintenance, elastically scale to meet your security needs, and reduce costs with the flexibility of the cloud.

Microsoft 365 Defender dashboard highlighting active incidents, active threats and more.

Microsoft 365 Defender

Prevent and detect attacks across your identities, endpoints, apps, email, data, and cloud apps with XDR capabilities. Investigate and respond to attacks with out-of-the-box, best-in-class protection. Hunt for threats and easily coordinate your response from a single dashboard.

An investigation in Microsoft Defender for Cloud showing a human operated ransomware attack.

Microsoft Defender for Cloud

Protect your multi-cloud and hybrid cloud workloads with built-in XDR capabilities. Secure your servers, databases, storage, containers, and IoT devices. Focus on what matters most with prioritized alerts.

Gain greater efficiencies for your SecOps

Microsoft empowers your organization’s defenders by putting the right tools and intelligence in the hands of the right people. Get insights across your entire organization with our cloud-native SIEM, Microsoft Sentinel. Use integrated, automated XDR to increase efficiency and effectiveness with Microsoft 365 Defender and Microsoft Defender for Cloud. Defend against modern attacks with cloud-native SIEM and XDR.

Security operations maturity self-assessment tool

Find out if your security operations center is prepared to detect, respond, and recover from threats.

A person using a tablet and pen.

Microsoft 365 E5 customers can save on Microsoft Sentinel

Microsoft 365 E5 and Microsoft 365 E5 Security customers can get Azure credits of up to 100 MB/user per month of Microsoft 365 data ingestion into Microsoft Sentinel, which can save a typical 3,500-seat deployment $1,500 per month.

A preview of Microsoft Sentinel showing services, recent resources, navigation options and tools.

Discover how these customers safeguard their organizations with integrated threat protection from Microsoft

MVP Health Care.
Thycotic.
MITA.
UiPath.
Duck Creek Technology.
 MVP Health Care logo
"As we looked at other vendors and platforms, we realized that it was a no-brainer. Microsoft offers the cohesive solution we need. Everything it brings to the table fits beautifully with our direction. It has become an outstanding support for us."

- Michael Della Villa: CIO and Head of Shared Services, MVP Health Care

Additional threat protection resources

Combat sophisticated nation-state attacks

Stay ahead of advanced, persistent attacker trends. Find guidance, commentary, and insights.

Protect multi-cloud environments

Learn how Microsoft Defender for Cloud can help you protect multicloud environments.

Migrating SIEM to the cloud

Survey results reveal why more security professionals are moving to cloud-based SIEM.

Microsoft Mechanics video

Join Microsoft Security CVP Rob Lefferts for a deeper look at Microsoft Defender.

Get started with Microsoft Security

Fill out a form to request a call for more information about Microsoft 365 or Microsoft Azure.

1. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
2. Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook | Dionisio Zumerle | Prateek Bhajanka | Lawrence Pingree | Paul Webber, 05 May 2021.
3. Gartner Magic Quadrant for Cloud Access Security Brokers, Steve Riley | Craig Lawson, 28 October 2020.
4. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
5. The Forrester Wave™: Endpoint Security Software as a Service, Q2 2021, Chris Sherman with Merritt Maxim, Allie Mellen, Shannon Fish, Peggy Dostie, May 2021.
6. The Forrester Wave™: Enterprise Email Security, Q2 2021, Joseph Blankenship, Claire O'Malley, May 2021.
7. A commissioned study conducted by Forrester Consulting, November 2020.
8. A commissioned study conducted by Forrester Consulting, February 2021.

Microsoft Sentinel is a cloud-native SIEM tool; Microsoft 365 Defender provides XDR capabilities for end-user environments (email, documents, identity, apps, and endpoint); and Microsoft Defender for Cloud provides XDR capabilities for infrastructure and multi-cloud platforms including virtual machines, databases, containers, and IoT.