Build end-to-end cybersecurity solutions for Microsoft Sentinel that delivers enterprise value by collecting data, managing security, detecting, hunting, investigating, and responding to cybersecurity threats!

As organizations’ digital estate grows, so does the volume of security data. Per a detailed study by Microsoft’s Enterprise Strategy Group (ESG), 76% of organizations report an increase which continues to keep growing. To shore up their defenses, enterprise have deployed dozens of security products, each producing a large volume of alerts. In isolation, these products may have high false positive rates and poor response prioritization, resulting in deafening alert noise. As a result, organizations report that 44% are never investigated. Part of the reason for these alerts to fall through the cracks is a massive shortage in security professionals.  

This is where Microsoft Sentinel, Microsoft’s cloud native Security Incident and Event Management (SIEM), enables organizations to achieve more by tapping into the scale and intelligence of the cloud to deliver instant value to defenders, auto-scale to enterprise needs and improve effectiveness of operations using Artificial Intelligence (AI) and automations.

Microsoft Sentinel has been named a Leader in The Forrester WaveTM: Security Analytics Platform Providers, Q4 2020, with the top ranking in strategy.

Microsoft Sentinel provides a platform for security analysts and threat hunters of various levels to not only leverage existing content like workbooks (dashboard), playbooks (workflow orchestrations), analytic rules (detections), hunting queries, notebooks, etc. but also to build custom content and solutions as needed. Microsoft Sentinel solutions can be of two types:

1. Product solution - Solutions that deliver E2E product value include data connectors and associated content like workbooks, analytics etc. for a certain product. For e.g. Cisco Umbrella solution or Microsoft Defender solution, etc. These generally operate on a single data source. Refer to the list of solutions for Microsoft Sentinel as examples (all solutions not under Domain solutions category are all product solutions).

2. Domain solution - Solutions that provide E2E domain or industry vertical value to enterprise like specialized solutions for healthcare compliance or finanacial compliance or vulnerability management or healthcare product integration, SAP scenarios, etc. These are generally data source agnostic and can operate on multiple data sources unlike product solutions. View list of current domain solutions for Microsoft Sentinel as examples.

Furthermore, Microsoft Sentinel also provides APIs for integrating different types of applications to connect with Microsoft Sentinel data and insights. 

This hackathon challenge revolves around how you can provide the ultimate enterprise value by delivering an end-to-end solution via Microsoft Sentinel content and/or integrations. Refer to the Get Started guide for resources and inspiration.

$18,000 in prizes

• Quality of Idea
  Indicates creativity, originality, and the potential to significantly improve organizational security using Microsoft Sentinel
• Value to Enterprise
  Demonstrates usefulness to an enterprise, for example by streamlining or automating security operations, reducing threat detection and response times, or improving the effectiveness of existing security tools or enables migration to Microsoft Sentinel
• Technical Implementation
  Assesses how well the idea was executed by the submitter, including the user experience, the complexity of the scenarios, blending in Microsoft and non-Microsoft entities or data or other APIs with Microsoft Sentinel, and whether it performs as expected