- Konsulenttjenester
Sentinel & SOAR usage review : 10day assessment
Assess your implementation and usage of Sentinel and SOAR in view of optimising your SOC
10 days to review and propose optimisation on your usage of Microsoft Sentinel and SOAR by your Security Operating Center, We work with your team (interview, workshop, technical review) to understand your usage and use our experience to provide you insight on how to better use Sentinel and make the most of it. Can include : Assess the relevance of your analysis rules and associated responses (playbook, logic app) Assess the proper usage of SOAR catalog provided by Microsoft FINOPS tips to decrease your cost : logs filtering, storage management Prioritie for your data connectors, Forgotten log sources, RBAC table level