Products Solutions Partners Support Company
Try now
Acronis
Acronis Cyber Protect Cloud
For service providers

Technology Ecosystem

Integrations with the tools and services MSPs know and trust.
Request Integration Try Acronis
Back to integrations Have a question or need help?
Integration: Microsoft Sentinel
Category: SIEM
Company: Microsoft
Website

Acronis Cyber Protect Cloud integration with Microsoft Sentinel

Microsoft Sentinel, one of the leading SIEM platforms, allows MSPs to perform security incident investigation and threat hunting. Integrating Acronis Cyber Protect Cloud as additional data source, enables MSPs to collect more telemetry and enrich existing telemetry with detections from Acronis Advanced security, while keeping Acronis as a crucial service monitored for dangerous events.
Release notes Integration Overview
  • Acronis
  • Acronis
  • Acronis
  • Acronis

Simplify security posture by integrating Acronis Cyber Protect Cloud with MS Sentinel.

Now with MS Sentinel integration , MSPs will gain full visibility into customers networks, will be able to search for threats across all managed workloads, and correlate events from both security and data protection applications, and run response actions based on collected telemetry, that is now enriched with Acronis data.

Features

Support of core event format

Acronis supports core event format - CEF (Common Event Format), enabling MSPs to work with the data sent by the integration out of the box. Alerts are pre-formatted on Acronis side and don't require MSP to create any additional rules on SIEM side.

Simple integration enablement

It's very easy to enable the integration by providing server and client certificates, establishing connection to the dedicated syslog server and specifying the server port.

Threat hunting across all managed companies

Integration allows MSPs to select which customer tenants in Acronis should send alerts to SIEM. Since alerts are sent to the same MS Sentinel instance, it's possible to run correlation, threat hunting and perform investigation for all customers in the same console. It also empowers MSPs to search for threats, that were discovered on one workload in one customer tenant, in other customers environments.

Select data you want to see

It is possible to select which alerts should be sent to MS Sentinel. With this functionality, MSPs benefit from reducing the amount of sent to MS Sentinel alerts and, therefore, lower Azure storage consumption. MSPs can select and work only with the data that is necessary.

Microsoft

Company website

Support Contacts

Support website
Other integrations by Microsoft
  • Featured

Microsoft Intune

Deliver all-in-one cyber protection to Microsoft Intune managed workstations easily across your customers.
  • Featured

Microsoft Entra ID

Microsoft Entra ID simplifies access control and enhances security by allowing employees to use their universal company credentials to access external resources without the need for separate logins.
  • New

Microsoft 365 for Acronis XDR

Integrate with Microsoft 365 apps, such as Entra ID, SharePoint, OneDrive, Teams and Outlook to gain visibility for your incidents and enable a swift response to suspicious users and files.

Microsoft Teams

Acronis Cyber Protect Cloud offers a security toolbox that extends to Microsoft Teams and is designed to support the five vectors of cyber protection.

Microsoft 365

Protect clients’ Microsoft 365 applications and data with comprehensive cyber protection.

Microsoft Azure

Pre-built integration to configure Azure Storage as a destination for Acronis Cyber Protect Cloud backups.
Can’t find your favorite tool or service?
With the Acronis Cyber Protect Cloud platform, developers, software vendors and service providers can build new applications and share them with the Acronis community. Building a new application is fast and easy with a powerful low-code CyberApp Standard development framework. You can build a new integration or nominate your favorite tool for integration.
Build integration Nominate a tool
Acronis