Beginning today, SUSE Security (formerly NeuVector) will integrate with Microsoft’s Sentinel SIEM/SOAR offering as well as Security Copilot. With the help of SUSE’s open-source insights, visibility should be greatly improved within organizations’ Azure domains.
SUSE made the announcement during its SUSECON 2025 event in Orlando, Florida. As it turns out, the company has rechristened NeuVector to SUSE Security. However, it’s the same service as it was before. The security problems faced by organizations in the cloud-native area are also unchanged. One of the key stumbling blocks remains visibility, particularly due to a fragmentation of tooling.
Centralized approach to security
Meanwhile, cyber threats, as always, are bursting at the seams with innovation. Here, cloud-native environments offer themselves up as targets with a huge attack surface. The solution lies in finding simplicity among the chaos. Sentinel’s SIEM and SOAR capabilities can now be enriched with the information from scans from SUSE Security. Consider all aspects of the container lifecycle, from creation and deployment to updates and closure.
The new integration provides customers with a centralized security dashboard, in line with the broader trend among security vendors to “platformize” their offerings. Microsoft Sentinel can automatically generate alerts and quarantine nodes on this dashboard. This prevents the further spread of threats while leaving a human in the loop to ultimately eliminate the risk.
The overall tactic now espoused by SUSE aligns well with Microsoft’s existing strategy for a unified SecOps platform, merging various security tools for more effective and orderly management.
Operation of Security Copilot with SUSE Security
As mentioned, the integration does not stop with just SUSE Security and Sentinel. Security Copilot is also available to analyze data emanating from SUSE Security and generates AI-driven recommendations for addressing potential and existing threats. Through correlation with other data sources within Sentinel, complex attack patterns can be identified that might otherwise go undetected.
“In a cybersecurity landscape that is growing increasingly complex, it’s crucial that organizations have the right tools to quickly identify and mitigate security threats,” said David Houlding, Director, Global Healthcare Security & Compliance Strategy at Microsoft. “Collaborating with SUSE will help our mutual customers streamline their security operations and, ultimately, better protect against threats.”
Although users (as always when it comes to SUSE) are free to choose from a variety of Kubernetes management layers, SUSE recommends deploying its own Rancher Prime in this combination. Along with Sentinel and Security Copilot, the company promises organizations that they will end up with “comprehensive threat intelligence, AI-driven insights and automated protection.”
Also read: SUSE CEO: “If you want secure software, it has to be open source”