Stealthwatch Public Cloud Monitoring uses Microsoft Azure’s Network Watcher service to provide security insight into Microsoft Azure cloud footprints.
Using Microsoft’s packet capture API and other available tools, Public Cloud Monitoring can easily access IP flow data. The Public Cloud Monitoring solution takes in this network data and uses it as the input for its endpoint modeling service.
Public Cloud Monitoring queries the flow data for Azure-hosted virtualized machines, and if any behaviors seem suspicious, or unexpected, the service alerts human operators with the vital information they need to drill down and take action.
Observable offers integrations to leading SIEMs, data analytics platforms, and other security solutions: