BlinkOps Partners with Microsoft: Transforming Security Operations Through Automation
BlinkOps has announced an expansion of its collaboration with Microsoft, with new integrations for Microsoft Sentinel now available on the Azure Marketplace.
This announcement marks a significant milestone in our mission to help security teams adopt robust security automation and address their operational challenges. Complementing Microsoft Sentinel’s core capabilities, we are transforming every alert or signal from Microsoft Sentinel into a streamlined, contextualized, and highly effective end-to-end workflow.
We are at a critical juncture. All security teams are overwhelmed with alerts, are often under-staffed, and constantly struggle to implement automation due to the engineering overhead and the inherent limitations of deterministic workflows. Now they finally have a way to address those challenges.
You can now respond to a high volume of alerts instantly, without facing development bottlenecks. We have removed the common obstacles that have held teams back: no more time wasted on custom scripts, third-party tool integrations, infrastructure setup, or manual response tasks - just instant action.
Every security practitioner can leverage the power of BlinkOps to execute specific, contextualized workflows directly from Microsoft Sentinel alerts. For teams that are stretched thin but still expected to scale, this capability is a game-changer. Whether you're operating across multiple cloud environments, business units, or customer tenants, this enables you to respond with confidence.
Not all workflows are the same. A simple deterministic workflow can be highly effective: enriching an IP address with threat intel or mapping a user to a role are two simple daily examples that would save an analyst a lot of time. Some situations require the involvement of humans to approve an action or determine the next path, while others can be executed without human interaction. BlinkOps simplifies this process with seamless integration into Microsoft Teams and other communication platforms. Here are a few examples of workflows built by our customers that demonstrate the power of this partnership:
Effective Identity Theft Protection: Imagine this scenario – Microsoft Sentinel receives an alert about a suspicious login. Instead of having to investigate manually, a Blink workflow automatically assesses the user’s employment status through Workday and checks for any recent password reset activity. If the login appears unverified, the workflow sends an approval request directly to your team via Teams. Once approved, Blink can automatically suspend the user in Entra ID, eliminating the need for manual follow-up or delays. This is the kind of contextual and intelligent automation that truly transforms security measures.
Malware Response at Machine Speed: When Microsoft Sentinel receives a confirmed malware alert from Microsoft Defender for Endpoint, a Blink workflow can quickly evaluate whether the device is enrolled in Intune and check its Microsoft Defender risk score. If the risk is high, the workflow sends an isolation request to the Security Operations Center (SOC) in Microsoft Teams. Once approved, Blink isolates the device. This process eliminates the typical manual coordination and delays.
Service Account Security Made Simple: If Microsoft Sentinel detects any unusual activity related to service accounts, a Blink workflow can verify elevated roles and check for recent multi-factor authentication (MFA) usage. If the role is elevated and there is no MFA, the workflow can provide options to either remove those roles or initiate a forced password reset. Once approved, Blink triggers the updates in Entra ID. It’s that simple!
Here's something that makes this partnership even better for our customers - BlinkOps is now available in both the Microsoft Azure Marketplace and the Content Hub. By applying your Azure Consumption Commitment, you can streamline the entire procurement process.
You can literally deploy BlinkOps in minutes, connect to Microsoft Sentinel, and start running those prebuilt workflows - and as I mentioned, no coding required!
We are helping teams get up and running in the time it used to take just to schedule a meeting about automation. We're talking deployment in minutes, not weeks.
And this is just the beginning! We are actively exploring ways to expand this partnership across other Microsoft products and platform integrations. Our goal is to provide similar value to additional security teams and users throughout entire organizations.
The value of BlinkOps for Microsoft Sentinel users is clear: faster and more consistent responses, enabling SecOps teams to increase velocity, reduce backlogs, and focus on strategic initiatives. I couldn't be more excited about what we're building together with Microsoft and what it means for security teams everywhere.
BlinkOps is now available in the Microsoft Azure Marketplace and Content Hub. Learn more about Blink's Microsoft Sentinel and Microsoft Azure integration capabilities.