Integration of Arista AI-driven network detection and response with Microsoft Azure Sentinel optimizes security operations
Arista Networks (NYSE:ANET), a leader in data-driven networking, today announced it has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats. Arista was nominated based on an integration between Arista’s NDR (Network Detection and Response) platform and Microsoft Azure Sentinel. This integration enables faster remediation of threats by combining network context and threat detection with log-based and endpoint insights within Azure Sentinel.
Arista NDR analyzes full network packet data to enable a number of autonomous use cases, including insider threat detection, threat hunting, digital forensics and incident response. Powered by Arista AVA (Autonomous Virtual Assist), an AI-enabled decision support system, the NDR platform discovers, profiles and classifies network entities such as devices, users and applications across campus, data center, IoT and cloud networks. AVA pre-computes answers for questions a highly skilled analyst would ask by looking at network data as well as querying threat intelligence sources, open source intelligence and partner solutions within the MISA ecosystem and beyond. Using this information, the platform surfaces the weak and early signals of a network issue along with corroborating evidence to establish conviction and identify the broader scope of the attack. This enables the SecOps team to disrupt an adversary’s objectives at the earliest stages of an attack.
“Customers have invested in a variety of security solutions in their battle against modern cyber threats,” said Rahul Kashyap, VP/GM Arista NDR Security Division. “Responding to the adversary requires a coordinated effort across these solutions so that risks can be mitigated and impact minimized. Microsoft shares this vision and we are pleased to collaborate by bringing the high-fidelity detection and response signals from AVA and our NDR platform into Microsoft Azure Sentinel and MISA.”
As networks have evolved, organizations are often blind to 50% or more of their infrastructure, including IoT and contractor devices and cloud workloads. Adversaries target this expanded attack surface, but these attacks often go unnoticed due to the underlying device’s lack of security agents or log sources. Integrating Arista NDR with Azure Sentinel delivers broad visibility into network entities, threat detection and incident response capabilities for this otherwise unmanaged infrastructure. Security teams benefit from rich, entity-centric context that can be used through Azure Sentinel workbooks to correlate data collected from other IT and security solutions.
“The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security software vendors across the globe,” said Maria Thomson, Microsoft Intelligent Security Association Lead. “Our members, like Arista, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster.”
Joining MISA represents another honor for Arista in a year that has seen recognition including the AI Breakthrough Award for the “Best AI-based Solution for CyberSecurity” and being selected as one of the hottest AI security companies by CRN Magazine.