Nasuni Releases Microsoft Sentinel Integration & Targeted Restores to Simplify Enterprise Data Security

As organizations move their file data shares to the cloud, enterprise data security is a key concern. Responsible organizations look at security holistically and given their size and scope, organizational file shares must integrate into the Security Operations ecosystem. On that front, I’m excited to share the news of Nasuni’s new integration with Microsoft Sentinel, the leading cloud-native security information and event management (SIEM) platform.

What is Microsoft Sentinel?

If you aren’t familiar with Sentinel, it’s a cloud-native solution that provides both SIEM and orchestration, automation, and response (SOAR) capabilities. This is done by collecting data at cloud scale across users, devices, applications, and infrastructure. Basically, if a security incident happens, Sentinel tracks, reports, and coordinates automated responses related to the event. A fast, automated response limits the potential damage across the IT landscape. Organizations are increasingly turning to solutions like Sentinel to make their SecOps teams more efficient and more precise in their threat responses and to provide better visibility across all important data systems. And if you know anything about Nasuni and our approach to ransomware, you probably realize this is a perfect fit with our technology.

How do Sentinel and Nasuni fit?

First, Microsoft Sentinel and Nasuni are both cloud-native platforms, so it’s easy for them to play nicely based on architecture alone. But the second and more exciting piece is that this new integration will help large organizations strengthen their response posture against ransomware and take action quicker than ever.

The unique Nasuni File Data Platform offers the ability to detect and mitigate cyber threats at the edge. This means that Nasuni’s Ransomware Protection acts as an “early warning system” that immediately reports on file share threats in far-flung locations and shares this vital information with Microsoft Sentinel. SecOps teams benefit from this new level of visibility, enabling them to take immediate action before other applications or network infrastructures are impacted.

If there is an attack, Nasuni’s dramatically reduce Mean Time to Recovery (MTTR) Nasuni detects and stops attacks quickly, responds automatically, and enables instant recovery. Today we added a Targeted Restore capability that will allow organizations to:

• Precisely identify and recover only the encrypted files
• Automatically save key details that simplify the restore process
• Drastically minimize the impact on the business
• Reduce Rapid Recovery actions to a few clicks

While Nasuni gets your impacted files back online quickly, Sentinel can take additional protective action. Based on information from Nasuni and from other system events, Sentinel can take other actions, such as,

– Disabling the AD account of the user
– Analyzing user activity leading up to the event
– Investigate threats with AI and hunt suspicious activities at scale

Now let’s move on to what some in your organization would probably consider the most important question.

How is this going to help your business?

By integrating Nasuni with Microsoft Sentinel, we will also help organizations strengthen their “Defense-in-Depth” strategies. These integrated solutions will cover your entire distributed attack surface, all over the world, at every location. So, if an attack on your file shares does happen, you can detect and recover from it in record time. We will stop it at the edge automatically, and your team will receive instant alerts that something unusual is going on – whether it be next door, in Singapore, or Panama City.

The Nasuni-Sentinel integration is also helpful for post-incident reporting and meeting compliance requirements related to the incident and everything that happens after an attack. From filing a ransomware insurance claim to providing a full analysis to the C-suite, you will have the details to document your fast and thorough response.

Improving your threat response posture is a constant effort. We are pleased to introduce this integration that adds another level of security to your environment. The integration will be available via the Azure Marketplace in the Sentinel Content Hub. We are sure you will find it useful. Please contact us about how we can help shift your organization’s file data to the cloud and improve security for your distributed data.