Veeam Extends Support for Microsoft Sentinel to Elevate Security Intelligence, Data Resilience
Unifying Backup and Security Operations in Microsoft Sentinel, Empowering Organisations with Real-Time Backup Intelligence and Automated Threat Response for Enhanced Cyber Resilience

Veeam® Software, the global leader in data resilience, has announced the launch of its new Veeam App for Microsoft Sentinel. The solution provides advanced integration with Veeam Data Platform and empowers organisations to seamlessly detect, investigate, and respond to cyber threats and backup anomalies, delivering unmatched data resilience and operational efficiency across Security Operations Centres (SOC).
As cyber-attacks increasingly target backup environments, many SOC teams face a critical visibility gap in their security posture ecosystem, leaving organisations vulnerable to attacks on their last line of defence – their backups. The new Veeam App for Microsoft Sentinel helps close this gap by bringing backup intelligence directly into the SOC, allowing IT and Security teams to collaborate in real time, detect threats earlier, and respond with speed and coordination.
The Veeam App for Microsoft Sentinel delivers deep integration between Veeam Data Platform and the Microsoft Sentinel platform, including a cloud-native SIEM, bringing critical backup, threat, and ransomware intelligence into the heart of security workflows. Security teams can monitor and investigate Veeam backup events, including adversary tactics, techniques, and procedures (TTPs) detected by Veeam Recon Scanner, alongside other key security signals. With bi-directional automation and flexible connectivity, teams can enrich incidents, trigger restores, and automate recovery actions directly within Microsoft Sentinel.
“Data resilience is the foundation of modern cybersecurity,” said John Jester, Chief Revenue Officer (CRO) at Veeam. “With our new app for Microsoft Sentinel, data resilience meets security intelligence, empowering organisations with instant visibility into backup security events, suspicious activity, and ransomware threats. Veeam continues to empower SOC teams to act decisively, ensuring data remains safe and recoverable no matter what threats and cyber-attacks they face.”
Key Features of the New Veeam App for Microsoft Sentinel
-
Actionable Security Intelligence: Ingests 300+ Veeam backup and security events, including job failures, suspicious activity, ransomware detections, and Recon Scanner findings, mapped to MITRE ATT&CK for rapid, proactive threat detection. This is Veeam’s first SIEM integration to surface adversary TTPs, revealing early indicators of compromise.
-
Automated Response: Built-in playbooks and bi-directional API connectivity allow SOC teams to trigger restores, run malware scans, and launch remediation workflows instantly from within Microsoft Sentinel, streamlining response and reducing manual effort.
-
Unified Visibility: Microsoft Sentinel-native dashboards visualise key backup and security data such as threat detections, restore activity, and job health alongside existing SOC signals. This centralised view enables faster investigations and a stronger compliance posture.
-
Integrated IT and Security Collaboration: Breaks down silos and streamlines incident response by connecting IT and Security workflows within the SOC, improving collaboration, accelerating investigations, and strengthening ransomware defence.
Veeam integrations into leading security operation tools extend security visibility into backup data, improve threat detection, and automate incident response. Veeam’s commitment to modern protection now extends seamlessly into the Microsoft Sentinel ecosystem, helping organisations defend against cyber threats and ensure data resilience in an increasingly complex digital landscape.
New Veeam App for Microsoft Sentinel is now available at no additional cost for Veeam Data Platform Advanced and Premium customers via Microsoft Marketplace and Microsoft Sentinel Content Hub. For more information on Veeam, visit www.veeam.com.



