Implementing Microsoft Sentinel

Microsoft Sentinel is the Security Information and Event Management (SIEM) solution from Microsoft, which can be provided as a SaaS solution in Azure. Many companies use different tools from different manufacturers for operational monitoring of their on-premises or cloud-based infrastructure. Due to the complexity of these systems, it is becoming increasingly difficult to consolidate and process all information from all relevant platforms in a central location and to react promptly to security incidents.

Sentinel provides a cloud-based solution to monitor critical on-premises or cloud infrastructures, detect threats early and respond to them manually or automatically. In addition, Advanced Threat Hunting, Machine Learning, and other technologies in Sentinel create many opportunities to better understand the origin and nature of an attack.

Our experts will help you plan and deploy Microsoft Sentinel, connect all relevant systems, and adapt it to your daily Security Operations Center (SOC) operations.

Services:
  • Analysis of the existing on-premises and cloud-based infrastructure
  • Identification of all critical systems and assets
  • Building a Microsoft Sentinel pilot
  • Connection of all relevant systems
  • Creation and customization of threat hunting rules
  • Creation of runbooks and workflows for incident response
  • Creation of dashboards and other tools for reporting


Contact us

Do you have any questions about our training offerings? Simply let us know your requirements using our contact form or call us at +386 1 320 78 80 and we will be happy to advise you!