What is the difference between Azure Security Center and Azure Sentinel?
Many Cloud Architects and Cloud Engineers are somewhat confused to grasp the difference between Azure Security Center (ASC) and Azure Sentinel. Both products look quite similar at a first glance and both offered by Microsoft to secure your Azure infrastructure. Moreover, in all Microsoft’s Cybersecurity reference designs these products work shoulder-to-shoulder. There are several main reasons for this confusion: the historical set of functionality that both products offer, the complementary functionality they perform and, the most important, is that they share a subset of functionality in the Cybersecurity activities life-cycle.
The picture above represents a high-level sequence of activities happening in a typical Security Operations Center (SOC). Both ASC and Sentinel play a significant part in some of these activities. Azure Security Center plays a vital role in “Collect” and “Detect” roles. While Azure Sentinel in addition to the first two roles also designed to perform “Investigate” and “Respond” roles.
To understand the differences, we shall look deeper into both offerings.
Azure Security Center is…
