Microsoft Sentinel Design, AI, Deployment, Enablement, and Management
- SIEM feature and functionality comparison and use case analysis
- Architectural and log retention design
- Log volume quantification and Azure consumption cost estimation
- Supported and custom data source connectivity
- Threat intelligence enablement
- Alerting rules, workbooks (visualizations), and query development
- Workflow and orchestration development for both analyst-triggered and automated response
- Proof of Concept design, delivery, and analysis
- SecOps training and integration into your security program
Managed Detection and Response (MDR) and Managed XDR (MXDR)
- Identification of and support for improvements to reduce threat volumes
- Threat detection and response
- Integration of additional Microsoft security tools into threat analysis
- Scenario-based, free-form, and triggered threat hunting
- Configuration and patching tracking
- Ongoing Microsoft Sentinel / Azure cost management
- Additional data source connectivity, security content and automation development
- Microsoft Security (XDR/Defender) management and development
- Microsoft Sentinel management and maintenance
- Continuous SecOps training