AC3's Detection and Response for Microsoft Sentinel Managed Service
AC3
AC3’s Detection & Response service combines the power of Sentinel and AC3’s 24x7 Security Operations Centre to ensure that your environment is continuously monitored for threats, suspicious events are investigated, and intrusions are responded to.
AC3’s Detection and Response for Microsoft Sentinel Managed Service combines the power of Sentinel and AC3’s 24x7 Security Operations Centre to ensure that your environment is continuously monitored for threats, suspicious events are investigated, and any suspected intrusions are responded to rapidly.
Located within a purpose-built facility within Sydney, AC3’s SOC is staffed by a team of certified cyber security experts that are solely focused on keeping your business safe and secure.
AC3’s Detection and Response for Microsoft Sentinel Managed Service includes:
Proactive Management
- Preparation: To ensure your organisation is prepared to detect and manage security incidents, AC3’s Cyber Security Team will provide:
  - Integration with AC3’s Threat Intelligence Platform
  - Tuning of threat feeds & intelligence
  - Log Analysis & Verification
  - Log Source Collection Hygiene & Maintenance
  - Use Case Creation & Maintenance
- Detection & Analysis: We analyse symptoms and investigate if the situation is an incident.
  - 9x5 Business Days “Eyes on Glass” Security Event Monitoring & Analysis, with 24x7 after hours on-call support
  - Dynamic Analysis, Correlation and Normalisation of Events
  - Identification, Classification & Prioritisation
  - Notifications & Escalations
  - Validation and Adoption of SIEM tool updates to Rules, Dashboards & Alerts
  - Reactive Security Incident tracking until the start of Containment, Eradication & Recovery.
- Containment, Eradication & Recovery: We gather intelligence to identify the extent of the compromise in order to mitigate the impact, contain it and deploy countermeasures. AC3 will:
  - Create and update the AC3 Security Incident Playbooks to ensure we effectively and efficiently communicate with you about identified incidents.
- Post-Incident Activities: Improving your security posture through lessons learnt to prevent re-occurrence.
  - Post Incident Review (PIR) & Corrective and Preventative Actions (CAPA) for P1 Security Incidents – containing critical data and general recommendations.
Reactive Support
- Access for your IT department via ITSM portal, phone, and email to AC3’s Service Desk team to log, troubleshoot and resolve issues within the scope of the Service Inclusions.
- General advice and guidance on common SIEM issues and integrations.
Vendor Support
- Escalating incidents to Microsoft should there be any issues with SIEM functionality.
Reporting
- Three monthly delivered reports, covering:
  - Standard Monthly ITIL Service Management ticket reporting from the AC3 ITSM system including all tickets raised by type and status.
  - Standard Monthly Security Report documenting general SIEM activity, notable incidents, total assets monitored, and areas of improvement.
  - Compliance Reporting on supported standards as configured (e.g. PCI-DSS and ISO/IEC 27001)