Tech Field Day

The Independent IT Influencer Event

  • Home
    • The Futurum Group
    • FAQ
    • Staff
  • Sponsors
    • Sponsor List
      • 2025 Sponsors
      • 2024 Sponsors
      • 2023 Sponsors
      • 2022 Sponsors
    • Sponsor Tech Field Day
    • Best of Tech Field Day
    • Results and Metrics
    • Preparing Your Presentation
      • Complete Presentation Guide
      • A Classic Tech Field Day Agenda
      • Field Day Room Setup
      • Presenting to Engineers
  • Delegates
    • Delegate List
      • 2025 Delegates
      • 2024 Delegates
      • 2023 Delegates
      • 2022 Delegates
      • 2021 Delegates
      • 2020 Delegates
      • 2019 Delegates
      • 2018 Delegates
    • Become a Field Day Delegate
    • What Delegates Should Know
  • Events
    • All Events
      • Upcoming
      • Past
    • Field Day
    • Field Day Extra
    • Field Day Exclusive
    • Field Day Experience
    • Field Day Live
    • Field Day Showcase
  • Topics
    • Tech Field Day
    • Cloud Field Day
    • Mobility Field Day
    • Networking Field Day
    • Security Field Day
    • Storage Field Day
  • News
    • Coverage
    • Event News
    • Podcast
  • When autocomplete results are available use up and down arrows to review and enter to go to the desired page. Touch device users, explore by touch or with swipe gestures.
You are here: Home / Videos / Microsoft Sentinel Evolution Executive Session

Microsoft Sentinel Evolution Executive Session



Tech Field Day Exclusive with Microsoft Security


This video is part of the appearance, “Microsoft Sentinel Evolution Executive Session“. It was recorded as part of Tech Field Day Exclusive with Microsoft Security at 7:00-8:00 on October 9, 2025.


Watch on YouTube
Watch on Vimeo

Microsoft Sentinel is evolving from a market-leading Security Information and Event Management (SIEM) tool to a full-fledged, AI-driven security platform for Microsoft Security and its partners. The core of this evolution is to unify security operations within the Microsoft Defender portal, which will remain the primary interface for SOC analysts. Sentinel is being re-architected to serve as the underlying data and analytics engine for all Microsoft security products, including Defender, Entra, and Purview. This shift addresses the need to ingest and analyze massive volumes of security data from diverse sources affordably and efficiently, setting the stage for advanced AI capabilities and automated security agents. The goal is to eliminate the trade-off between comprehensive security coverage and budget constraints by creating a centralized, scalable foundation.

This new platform is built on several key innovations. The Sentinel Data Lake, now generally available, provides a low-cost tier for long-term data storage (up to 12 years), separating storage costs from compute costs. This makes it feasible for organizations to retain voluminous logs from network devices and other third-party sources that were previously cost-prohibitive. On top of this data lake, Microsoft is introducing new ways to interact with data, most notably the Sentinel Graph. This feature allows analysts to visualize relationships between assets, identities, and activities, helping them to understand complex attack paths and blast radiuses in a more intuitive way, because “attackers think in graphs.” The platform also includes a new MCP (Microsoft Copilot Protocol) server, which enables natural language queries and provides a framework for AI agents to discover and use security tools automatically.

Microsoft emphasizes that this is an open platform designed to support a thriving ecosystem and heterogeneous customer environments. With nearly 400 connectors, the platform is built to ingest and correlate data from third-party tools like CrowdStrike and Zscaler with the same fidelity as Microsoft’s native stack. The vision extends to AI-driven actions, like Attack Disruption, which will be expanded to take actions on third-party systems. This entire stack, from the data platform to the AI capabilities, is brought together in the new Microsoft Security Store. This marketplace allows customers to discover, purchase, and deploy curated security solutions and AI agents from both Microsoft and its partners, completing the transition to a unified, AI-ready security architecture.

Personnel: Gideon Bibliowicz, Scott Woodgate

  • Bluesky
  • LinkedIn
  • Mastodon
  • RSS
  • Twitter
  • YouTube

Event Calendar

  • Oct 9-Oct 9 — Tech Field Day Exclusive with Microsoft Security
  • Oct 15-Oct 15 — Tech Field Day Experience at NetApp INSIGHT 2025
  • Oct 22-Oct 23 — Cloud Field Day 24
  • Oct 29-Oct 30 — AI Field Day 7
  • Nov 5-Nov 6 — Networking Field Day 39
  • Nov 11-Nov 12 — Tech Field Day at KubeCon North America 2025
  • Jan 28-Jan 29 — AI Infrastructure Field Day 4
  • Apr 29-Apr 30 — Security Field Day 15

Latest Coverage

  • Celona’s Private Cellular Vision: Redefining Enterprise Connectivity at Scale
  • How Arista is Unifying Campus Networks with Wi-Fi 7, AIOps and Zero-Trust
  • From GPU Gold Rush to Revenue Reality: How Mirantis k0rdent Transforms AI Infrastructure Dreams into Dollars
  • 68 Days Ahead: Turning DNS Data into Compliance and Cyber Resilience
  • What If Your Storage Knew How to Talk Back?

Tech Field Day News

  • The Latest in Cybersecurity Innovation at Security Field Day 14
  • Pushing the Boundaries of AI Performance, Scale, and Innovation at AI Infrastructure Field Day 3

Return to top of page

Copyright © 2025 · Genesis Framework · WordPress · Log in