Build end-to-end cybersecurity solutions for Azure Sentinel that delivers enterprise value by collecting data, managing security, detecting, hunting, investigating, and responding to cybersecurity threats!
As organizations’ digital estate grows, so does the volume of security data. Per a detailed study by Microsoft’s Enterprise Strategy Group (ESG), 76% of organizations report an increase which continues to keep growing. To shore up their defenses, enterprise have deployed dozens of security products, each producing a large volume of alerts. In isolation, these products may have high false positive rates and poor response prioritization, resulting in deafening alert noise. As a result, organizations report that 44% are never investigated. Part of the reason for these alerts to fall through the cracks is a massive shortage in security professionals. A recent report by CSO magazine showed that this global talent shortage will increase to 3.5 million unfilled security jobs by 2021.
This is where Azure Sentinel, Microsoft’s cloud native Security Incident and Event Management (SIEM), enables organizations to achieve more by tapping into the scale and intelligence of the cloud to deliver instant value to defenders, auto-scale to enterprise needs and improve effectiveness of operations using Artificial Intelligence (AI) and automations.
Azure Sentinel provides a platform for security analysts and threat hunters of various levels to not only leverage existing content like workbooks (dashboard), playbooks (workflow orchestrations), analytic rules (detections), hunting queries, etc. but also to build custom content as needed. Furthermore, Azure Sentinel also provides APIs for integrating different types of applications to connect with Azure Sentinel data and insights. This hackathon challenge revolves around how you can provide the ultimate enterprise value by delivering an end-to-end solution via Azure Sentinel content and/or integrations. Refer to the following for few examples of end-to-end solutions that unlocks the potential of Azure Sentinel and drives enterprise value. You can discover more examples by reviewing content and solutions in the Azure Sentinel GitHub repository and blogs.
- Monitoring Zoom with Azure Sentinel (example of end-to-end content integration)
- SOC Prime Sigma integration (example of API integration – part 2 of the 3-blog series covers API integration aspects)
- Azure Sentinel2Go lab with pre-recorded data (example of a tool that enables easier onboarding to Azure Sentinel)
Requirements
Main requirement
Submissions must use Azure Sentinel to deliver value either via Azure Sentinel content like data connectors, playbooks, workbooks, analytic rules, hunting queries, investigation queries or Azure Sentinel APIs, or migration tools to bring content or data into Azure Sentinel. Submissions delivering multiple content types and data sources or using multiple APIs to connect with Azure Sentinel to deliver significant end-to-end enterprise value will get extra credit in judging.
Additional submission requirements
- Include a text description that explains the features and functionality of the submission and describe how the submission could help enterprise cybersecurity using Azure Sentinel.
- Submit a demo video (hosted on YouTube, Vimeo). Your video should include a demo of your working submission via a step-by-step visual demo.
- Please submit at least one image/screenshot of your submission.
- Provide a way to access your working submission for judging and testing.
Prizes
$9,000 in prizes
First Place
• $5000 USD cash
• Speaking opportunity at Microsoft Ignite 2020
• Promotion via Microsoft blogs, social and Azure Sentinel banner
Runner Up
• $2500 USD cash
• Promotion via Microsoft blogs, social and Azure Sentinel banner
Popular Choice
• $1500 USD cash
• Promotion via Microsoft blogs, social and Azure Sentinel banner
Honorable Mention
• Swags
• Promotion via Microsoft blogs, social and Azure Sentinel banner
Devpost Achievements
Submitting to this hackathon could earn you:
Judges
Ann Johnson
Corporate Vice President, Cybersecurity Solutions Group, Microsoft
John Lambert
Distinguished Engineer and General Manager, Microsoft Threat Intelligence Center
Maarten Goet
Director of Cybersecurity, Wortell and Microsoft MVP
Judging Criteria
-
Quality of Idea
Indicates creativity, originality, and the potential to significantly improve organizational security using Azure Sentinel -
Value to Enterprise
Demonstrates usefulness to an enterprise, for example by streamlining or automating security operations, reducing threat detection and response times, or improving the effectiveness of existing security tools or enables migration to Azure Sentinel -
Technical Implementation
Assesses how well the idea was executed by the submitter, including the user experience, the complexity of the scenarios, blending in Microsoft and non-Microsoft entities or data or other APIs with Azure Sentinel, and whether it performs as expected
Tell your friends
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.