We’re evolving our industry-leading Security Incidents and Event Management solution (SIEM), Microsoft Sentinel, to include a modern, cost-effective data lake. By unifying all your security data, Microsoft Sentinel data lake, now in public preview, accelerates agentic AI adoption and drives unparalleled visibility, empowering teams to detect and respond faster. With Sentinel data lake, you’re no longer forced to choose between retaining critical data and staying within budget.
Microsoft Sentinel Data Lake has a dramatically lower cost of storage, natively integrates with Sentinel querying & works with all existing Sentinel data connectors, including:
- All Microsoft Defender and Microsoft Sentinel data sources
- Microsoft 365
- Microsoft Entra ID
- Microsoft Resource Graph
- Endpoint Detection and Response (EDR) platforms
- Firewall and network logs
- Cloud infrastructure and workload telemetry
- Identity and access logs (Microsoft Entra, Okta, etc.)
- DNS, proxy, and email telemetry
GET STARTED
Join us as we redefine what’s possible in security operations:
- Start saving money by implementing Sentinel Data Lake
- Learn more about the latest news in our Sentinel Data Lake Tech Community blog
- Explore Sentinel Data Lake pricing
- Learn more about our Microsoft Defender Threat Intelligence news
- Sign up for next wave of innovation at the “Microsoft Secure” broadcast – Sept 30th, 2025
Read the announcement blog post here:
- Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI
https://www.microsoft.com/en-us/security/blog/2025/07/22/microsoft-sentinel-data-lake-unify-signals-cut-costs-and-power-agentic-ai/
kurtsh
Kurt Shintaku's Blog 
You must be logged in to post a comment.