Build end-to-end cybersecurity solutions for Azure Sentinel that delivers enterprise value by collecting data, managing security, detecting, hunting, investigating, and responding to cybersecurity threats!

As organizations’ digital estate grows, so does the volume of security data. Per a detailed study by Microsoft’s Enterprise Strategy Group (ESG), 76% of organizations report an increase which continues to keep growing. To shore up their defenses, enterprise have deployed dozens of security products, each producing a large volume of alerts. In isolation, these products may have high false positive rates and poor response prioritization, resulting in deafening alert noise. As a result, organizations report that 44% are never investigated. Part of the reason for these alerts to fall through the cracks is a massive shortage in security professionals. A recent report by CSO magazine showed that this global talent shortage will increase to 3.5 million unfilled security jobs by 2021.

This is where Azure Sentinel, Microsoft’s cloud native Security Incident and Event Management (SIEM), enables organizations to achieve more by tapping into the scale and intelligence of the cloud to deliver instant value to defenders, auto-scale to enterprise needs and improve effectiveness of operations using Artificial Intelligence (AI) and automations.

Azure Sentinel has been named a Leader in The Forrester WaveTM: Security Analytics Platform Providers, Q4 2020, with the top ranking in strategy.

Azure Sentinel provides a platform for security analysts and threat hunters of various levels to not only leverage existing content like workbooks (dashboard), playbooks (workflow orchestrations), analytic rules (detections), hunting queries, notebooks, etc. but also to build custom content and solutions as needed. Furthermore, Azure Sentinel also provides APIs for integrating different types of applications to connect with Azure Sentinel data and insights. This hackathon challenge revolves around how you can provide the ultimate enterprise value by delivering an end-to-end solution via Azure Sentinel content and/or integrations. Refer to the Get Started guide for resources and inspiration.

Hackathon Sponsors

Prizes

$19,000 in prizes

First Prize

* $10,000 USD cash
* Blog post, social and Azure Sentinel banner featuring the winning submission

Second Prize

* $4,000 USD cash
* Blog post, social and Azure Sentinel banner featuring the winning submission

Runner Up (2)

* $1,500 USD cash
* Blog post, social and Azure Sentinel banner featuring the winning submission

Popular Choice

* $1,000 USD cash
* Blog post, social and Azure Sentinel banner featuring the winning submission

First 10 Eligible Submissions (10)

* $100 USD cash

Devpost Achievements

Submitting to this hackathon could earn you:

Requirements

Main Requirement

Submissions must be built for Azure Sentinel and can be in the form of one of the following project types:

Project Type 1: Azure Sentinel solutions that include at least three different content types like data connectors, workbooks, playbooks, analytic rule templates, investigation / exploration queries, notebooks, hunting queries, parsers (Kusto Functions) to deliver an end-to-end monitoring - detection - investigation - response scenario. These scenarios can fulfill:

    • product value (like Teams or Zoom, etc.) and/or
    • domain value (like compliance scenarios, or threat intelligence capabilities or networking capabilities, etc.) and/or
    • industry vertical value (like finance, healthcare, etc.).

Extra credit for including more and relevant content in the submission.

These may be submitted as an Azure Sentinel solution by following guidance at https://aka.ms/sentinelsolutionsbuildguide 

Project Type 2: Azure Sentinel API integrations that deliver enterprise value and / or can enable easy migration of organizational content to Azure Sentinel. 

Project Type 3: Standalone or one-off Azure Sentinel content submissions that include only a data connector or only workbooks or only analytic rule templates or only playbooks or only notebooks or only hunting queries.

Additional Submission Requirements

  • Include a text description that explains the features and functionality of the submission and describe how the submission could help enterprise cybersecurity using Azure Sentinel.
  • Submit a demo video (hosted on YouTube, Vimeo). Your video should include a demo of your working submission via a step-by-step visual demo.
  • Please submit at least one image/screenshot of your submission.
  • Link to Azure Sentinel GitHub Pull Request (PR) or public code repository (GitHub preferred) to the working submission with detailed Readme on how to deploy the submission and use it in Azure Sentinel. Submissions can be done as a Pull Request directly to the Azure Sentinel GitHub repository and look up the https://github.com/Azure/Azure-Sentinel/wiki  for contribution guidance. For submissions to the Azure Sentinel GitHub, have a prefix as [Azure Sentinel Hackathon 2021] in the PR title as these will be reviewed as part of the judging process.

 

 

Judges

Ann Johnson

Ann Johnson
Corporate Vice President, Cybersecurity Solutions Group, Microsoft

Vasu Jakkal

Vasu Jakkal
Corporate Vice President, Microsoft Security, Compliance and Identity

John Lambert

John Lambert
Distinguished Engineer and General Manager, Microsoft Threat Intelligence Center

Nick Lippis

Nick Lippis
Co-Founder, Co-Chair ONUG

Andrii Bezverkhyi

Andrii Bezverkhyi
CEO & founder of SOC Prime, inventor of Uncoder.IO

Judging Criteria

  • Quality of Idea
    Indicates creativity, originality, and the potential to significantly improve organizational security using Azure Sentinel
  • Value to Enterprise
    Demonstrates usefulness to an enterprise, for example by streamlining or automating security operations, reducing threat detection and response times, or improving the effectiveness of existing security tools or enables migration to Azure Sentinel
  • Technical Implementation
    Assesses how well the idea was executed by the submitter, including the user experience, the complexity of the scenarios, blending in Microsoft and non-Microsoft entities or data or other APIs with Azure Sentinel, and whether it performs as expected

Questions? Email the hackathon manager

Tell your friends

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.