{"id":5150,"date":"2025-10-01T16:03:33","date_gmt":"2025-10-01T16:03:33","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=5150"},"modified":"2025-10-01T16:03:33","modified_gmt":"2025-10-01T16:03:33","slug":"microsoft-plots-new-path-for-sentinel-adding-agentic-ai-features","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=5150","title":{"rendered":"Microsoft plots new path for Sentinel, adding agentic AI features"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Microsoft has announced a raft of new AI features for Sentinel SIEM and Security Copilot as part of its push to turn them into fully \u201cagentic platforms.\u201d<\/p>\n

The announcement has several parts, starting with perhaps the biggest news: Sentinel, the company\u2019s cloud SIEM<\/a> platform first released nearly seven years ago in public preview, is getting the first of what might be a series of AI upgrades.<\/p>\n

This process began in July with the public preview of Sentinel data lake for customer evaluation, which this week has reached general availability (GA).<\/p>\n

However, this week that platform also gains significant new capabilities in the form of Sentinel graph, and Sentinel Model Context Protocol (MCP) Server, both in Public Preview versions that let customers evaluate new features before the GA launch.\u00a0<\/p>\n

As its name implies, Sentinel data lake<\/a> gives customers a place to store large volumes of structured and unstructured Sentinel log data they might otherwise have to dispose of for reasons of cost or practicality.<\/p>\n

Underlying this is the general-purpose Azure Data Lake Storage system, which makes Sentinel data lake a managed version of that oriented towards long-term data retention for up to 12 years.<\/p>\n

Sentinel graph<\/a> gives defenders a system for mapping and visualizing the relationship between SIEM log data to better understand where an attacker might have left traces of entry.<\/p>\n

Instead of manually relating dozens of separate alerts, graph will correlate these automatically. The idea behind graph is to make these connections easier to see. Importantly, the graphs it generates can be ingested by AI agents, a pointer to the importance of these for the platform\u2019s future.<\/p>\n

The new Sentinel MCP Server<\/a> is an open protocol connector that ties Sentinel to its AI capabilities. This makes it possible for AI agents to hook into things like Sentinel graph using MCP as the communication protocol. As Microsoft said in its announcement, \u201cMCP standardizes how an AI talks to systems. Instead of developers writing custom connectors for each application, the MCP server presents a menu of available actions to the AI in a language it understands. Any AI application that speaks MCP can connect.\u201d<\/p>\n

Microsoft and its partners already offer a range of pre-built AI agents as part of Security Copilot<\/a>. Now customers will be able to build their custom agents without the need to code this from scratch. Instead, through the Security Copilot portal, it will be possible to build an agent using natural language prompts to connect with wider infrastructure via MCP Server. Customers will be able to find third-party agents through a revamped Microsoft Security Store.\u00a0<\/p>\n

Agent saviors?<\/h2>\n

Microsoft is marketing the new features as the moment when its SIEM enters the agentic AI era, but does this stand up to scrutiny?<\/p>\n

Although Sentinel is still in the early days of its development as an agentic platform, an outline of where it wants to go with the technology is starting to emerge.<\/p>\n

Even with automation, security tools can be complex to manage, consuming precious skills and time. Agentic AI is Microsoft\u2019s answer: Use agents to do more of the hard work and, in some cases, make decisions. These agents will communicate with established platforms and tools using MCP, allowing organizations to program them using time-saving prompts backed by vibe coding tools.<\/p>\n

According to Clive Watson<\/a>, solutions director for UK Microsoft MSSP Quorum Cyber, the Sentinel announcements marked the biggest update to the platform since its launch.<\/p>\n

Quorum\u2019s customers were already using the Sentinel data lake: \u201cThis benefits both ourselves and our customers as we can encourage them to store data that they may have decided not to keep in the past due to the costs,\u201d said Watson.<\/p>\n

\u201cAnother benefit of the data lake is the separation of the storage from the query costs, ideal for the common type of data that data lake is designed for. Customers only pay for queries they use \u2014 storage costs are decoupled from query and compute costs.\u201d<\/p>\n

\u201cStoring data in the right classification or tier also aids Sentinel graph because the more data we have the better solutions like graph will be to show relationships,\u201d he said.<\/p>\n

Commentators have long speculated that Microsoft might turn into a cyber security company by the back door. The latest announcement doesn\u2019t go that far \u2013 it\u2019s still a cloud and applications platform backed by a legacy OS \u2013 but it shows how AI-based cyber security services could turn into an important part of its evolving ecosystem.<\/p>\n

Agentic AI<\/a> is emerging as the next big thing in security management. But despite its benefits, it still has limitations today, including a tendency to create noise and false positives.<\/p>\n

The other risk with machine-dominated security is that agentic AI itself becomes a new attack surface<\/a> that inadvertently exposes data or assets. Bad actors will build their own agents, exploiting the same access to MCP or Google\u2019s Agent-to-Agent (A2A) protocol, and will attempt to poison or socially engineer agents with hidden malicious prompts.<\/p>\n

This has already happened as a proof of concept. In June, researchers uncovered a way of tricking Microsoft 365 Copilot<\/a> into revealing sensitive data in the first ever \u2018no-click\u2019 attack targeting agents (CVE-2025-32711<\/a>) using prompts hidden in the metadata of an email. <\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Microsoft has announced a raft of new AI features for Sentinel SIEM and Security Copilot as part of its push to turn them into fully \u201cagentic platforms.\u201d The announcement has several parts, starting with perhaps the biggest news: Sentinel, the company\u2019s cloud SIEM platform first released nearly seven years ago in public preview, is getting […]<\/p>\n","protected":false},"author":0,"featured_media":5151,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-5150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5150"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5150"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5150\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/5151"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}