SOC 24*7 Monitoring with Microsoft Sentinel

Northwave

A 24*7 SOC powered by Microsoft Sentinel that integrates Microsoft security-related tools and uses custom-made monitoring rules to cover customers' specific risks.

Northwave offers an intelligent combination of cyber security services to protect your information using Microsoft security tools. Every organisation has embarked on a journey of digitalisation, in which adequate information security plays a vital role. Adequacy is maintained only when multiple fields of expertise are smartly integrated into one interdisciplinary Security Operation, with a continuous focus on the actual risks of a business. With our integrated Managed ICT Security Services, we make the highest quality possible available to every organisation. Northwave integrates people, processes and technology into an Intelligent Security Operation: smart security that controls proactive and reactive measures, enabling you to get a tailor-made grip on this complex but vital domain.

WHAT IS INCLUDED IN THIS SERVICE?

This service is the managed SOC service from Northwave (Managed Detection & Response, MDR). With this service, Northwave monitors the infrastructure, endpoints and online presence of its customers 24/7. Concrete threats and attacks result in alarms, which are analysed and followed up by experienced analysts, who then provide the customer with actionable advice. Northwave provides this service from its SOC (Security Operations Center) in Utrecht, The Netherlands.

A risk-based approach is used to monitor the on-premise and cloud-based digital environments of our customers. The basis of this service is Northwave's intake of log data (logs) from the customer's servers, applications and equipment. Northwave writes detection rules that generate alarms based on a correlation between these logs. In addition to logs, Northwave can use:

(1) Any Microsoft security-related log/tool (e.g. Azure Active Directory logs, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, Microsoft 365 Defender, Azure Defender, Windows Security logs)
(2) Network information, by placing equipment in the customer's network (i.e. a Network Intrusion Detection System)
(3) Open and closed threat intelligence

HOW DOES NORTHWAVE LEVERAGE YOUR MICROSOFT/AZURE SERVICES?

Via Azure Lighthouse, Northwave is able to connect to your tenant and configure/manage your Microsoft security-related tools (e.g. Azure Active Directory logs, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, Microsoft 365 Defender, and Azure Defender). While data/logs/events are ingested at your tenant, the monitoring rules are created on an isolated Log Analytics workspace with the Northwave tenant using Continuous Integration and Continuous Delivery (CI/CD).