Sitefinity Cloud includes a security information and event management (SIEM) solution out of the box. The Sitefinity Cloud SIEM solution is based on Microsoft Azure Sentinel and offers real-time monitoring and analysis of events as well as tracking and logging of security data for compliance or auditing purposes.
Every Sitefinity Cloud subscription is equipped with an Azure Sentinel solution instance that inspects the log analytics workspace used to gather the logs from various infrastructure components. SIEM improves security by proactively inspecting large volumes of raw logs that are otherwise difficult to go through, and by extracting the valuable security information from them.
Analytics rules are enabled for Sitefinity web applications and for the relevant Sitefinity Cloud infrastructure to help raise alerts and create incidents in real time for the Sitefinity Cloud Engineering Team to address. Each alert type is classified by severity, with potential high-severity threats triggering a call to the Sitefinity Cloud On-Duty Team for immediate investigation.
High-severity alerts are treated like incidents and are handled via the incident handling process. For more information about this process, see Sitefinity Cloud Support Workflow.
The Sitefinity Cloud Advanced Security add-on includes all the Sitefinity Cloud SIEM out-of-the-box features plus:
The following diagram illustrates how the SIEM alert incident handling works provided that the Sitefinity Cloud Advanced Security add-on is purchased: