Illumio integrates with Microsoft Sentinel to boost AI security

Illumio has announced that its Insights and Segmentation solutions have been deployed across the entire corporate IT environment at Microsoft, and that Illumio is now included in the Microsoft Sentinel partner ecosystem.

Microsoft operates one of the most complex global networks, spanning hybrid environments and multi-cloud architectures, and faces a need for real-time observability and robust cyber resilience. In this context, Microsoft has adopted the Illumio platform to enhance its proactive cyber defence strategies by preventing lateral movement and containing potential threats within its systems.

Igor Tsyganskiy, Global Chief Information Security Officer at Microsoft, commented on the deployment.

"When we needed to bring these capabilities into Microsoft, Illumio was the only segmentation solution that would work at the scale of Microsoft and deliver in our environment. Perhaps most importantly, the Illumio team understands partnership, and how to deliver under extreme pressure."

The Illumio platform provides deep insight into network connectivity and enforces segmentation policies aimed at minimising the risk of breaches spreading in enterprise environments. Illumio Insights, which leverages AI to analyse network graph data, offers real-time detection of connectivity anomalies and threats, ranging from large language model-related traffic to unidentified IP activity. Illumio Segmentation enables organisations to define and implement security policies, including dynamic quarantine and Zero Trust microsegmentation.

Andrew Rubin, Chief Executive Officer and Founder at Illumio, shared details about the integration and collaboration.

"When Igor called in April 2024 and asked if we were ready to deploy at Microsoft, I told him that given the size and scale of the environment, unlike anything that any segmentation vendor had ever seen or attempted, we would need to closely partner to do it. I assured him that every team member at Illumio would do anything and everything possible to ensure success. From the beginning, we have believed in the power and scalability of the AI network security graph, and with the deployment at Microsoft, we can now definitely say it is the future of cybersecurity."

The announcement also includes Illumio's entry into the Microsoft Sentinel partner ecosystem. Microsoft Sentinel is evolving to an AI-enabled security platform, which brings together unified security data and provides graph-powered visibility and context for security operations. By embedding Illumio Insights into Sentinel's data lake, security graph and Security Copilot, organisations using Microsoft infrastructure now have access to real-time visibility and containment capabilities within their established Microsoft workflows.

Andrew Rubin commented on this partnership with Microsoft Sentinel.

"As organisations face increasingly complex threats across hybrid and multi-cloud environments, complete visibility and rapid containment have never been more important. By integrating Illumio Insights directly into Microsoft Sentinel's data lake and security graph as well as Security Copilot, we're empowering security teams to detect risks faster, follow attack paths with precision, and instantly isolate threats - all within their existing Microsoft workflows. This collaboration reduces alert fatigue, accelerates investigations, and delivers effective breach containment and dramatic improvements in cyber resilience. We're proud to work closely with Microsoft to make these capabilities easier to access and deploy for organisations everywhere."

Microsoft echoed the importance of an integrated approach to security. Vasu Jakkal, Corporate Vice President, Microsoft Security said,

"We've reimagined Microsoft Sentinel as an AI-ready platform, unifying security data into a single, enriched data lake that delivers graph-powered visibility and intelligent agent capabilities. This transformation positions Microsoft Sentinel as the backbone of modern defense, offering deep context, connected insights, and empowering security teams to act with precision, and stay ahead of evolving threats. This transformation is amplified by a vibrant partner ecosystem. We are grateful to our partners that use Microsoft Sentinel to create integrated solutions and make them available in the Security Store. This collaboration powers a collective defense, because after all - security is a team sport."

Illumio is working alongside Microsoft product teams to shape and validate Sentinel's ongoing product development. This collaboration involves the creation of solutions such as analytics, playbooks, connectors, and Security Copilot agents, with the aim of improving security outcomes for organisations through the Microsoft Security Store.

Microsoft Sentinel's expansion beyond traditional security information and event management (SIEM) highlights the platform's new role as an AI-enabled defence backbone for enterprises, making partner-developed security innovations like Illumio accessible to a wide range of customers.