Build end-to-end cybersecurity solutions for Azure Sentinel that deliver enterprise value by collecting data, managing security, and detecting, hunting, investigating, and responding to cybersecurity threats!

As organizations’ digital estate grows, so does the volume of security data. Per a detailed study by Microsoft’s Enterprise Strategy Group (ESG), 76% of organizations report an increase, which continues to grow. To shore up their defenses, enterprises have deployed dozens of security products, each producing a large volume of alerts. In isolation, these products may have high false positive rates and poor response prioritization, resulting in deafening alert noise. As a result, organizations report that 44% of alerts are never investigated. Part of the reason these alerts fall through the cracks is a massive shortage of security professionals. A recent report by CSO magazine showed that this global talent shortage will increase to 3.5 million unfilled security jobs by 2021.

This is where Azure Sentinel, Microsoft’s cloud-native Security Incident and Event Management (SIEM), enables organizations to achieve more by tapping into the scale and intelligence of the cloud to deliver instant value to defenders, auto-scale to enterprise needs, and improve the effectiveness of operations using Artificial Intelligence (AI) and automation.

Azure Sentinel provides a platform for security analysts and threat hunters of various levels not only to leverage existing content like workbooks (dashboards), playbooks (workflow orchestrations), analytic rules (detections), hunting queries, etc., but also to build custom content as needed. Azure Sentinel also provides APIs that let different types of applications connect with Azure Sentinel data and insights. This hackathon challenge revolves around how you can provide the ultimate enterprise value by delivering an end-to-end solution via Azure Sentinel content and/or integrations. Refer to the following for a few examples of end-to-end solutions that unlock the potential of Azure Sentinel and drive enterprise value. You can discover more examples by reviewing content and solutions in the Azure Sentinel GitHub repository and blogs.


Main requirement
Submissions must use Azure Sentinel to deliver value either via Azure Sentinel content like data connectors, playbooks, workbooks, analytic rules, hunting queries, investigation queries or Azure Sentinel APIs, or migration tools to bring content or data into Azure Sentinel. Submissions delivering multiple content types and data sources or using multiple APIs to connect with Azure Sentinel to deliver significant end-to-end enterprise value will get extra credit in judging.

Additional submission requirements

  • Include a text description that explains the features and functionality of the submission and describes how the submission could help enterprise cybersecurity using Azure Sentinel.
  • Submit a demo video (hosted on YouTube, Vimeo). Your video should walk through your working submission in a step-by-step visual demo.
  • Please submit at least one image/screenshot of your submission.
  • Provide a way to access your working submission for judging and testing.

$9,000 in prizes

First Place

• $5000 USD cash
• Speaking opportunity at Microsoft Ignite 2020
• Promotion via Microsoft blogs, social and Azure Sentinel banner

Runner Up

• $2500 USD cash
• Promotion via Microsoft blogs, social and Azure Sentinel banner

Popular Choice

• $1500 USD cash
• Promotion via Microsoft blogs, social and Azure Sentinel banner

Honorable Mention

• Swag
• Promotion via Microsoft blogs, social and Azure Sentinel banner

Ann Johnson
Corporate Vice President, Cybersecurity Solutions Group, Microsoft

John Lambert
Distinguished Engineer and General Manager, Microsoft Threat Intelligence Center

Maarten Goet
Director of Cybersecurity, Wortell and Microsoft MVP

Judging Criteria

  • Quality of Idea
    Indicates creativity, originality, and the potential to significantly improve organizational security using Azure Sentinel
  • Value to Enterprise
    Demonstrates usefulness to an enterprise, for example by streamlining or automating security operations, reducing threat detection and response times, improving the effectiveness of existing security tools, or enabling migration to Azure Sentinel
  • Technical Implementation
    Assesses how well the idea was executed by the submitter, including the user experience, the complexity of the scenarios, blending in Microsoft and non-Microsoft entities or data or other APIs with Azure Sentinel, and whether it performs as expected
