Azure Sentinel Proof of Concept: 10-day POC


Understand how Azure Sentinel could help you modernise your security operations and enhance your threat detection and response capabilities to better protect your organisation.

Modern cyber security needs to be intelligent and adaptive, and to make the best use of automation and machine learning to keep pace with today’s threats. Traditional SIEM solutions gather and present security alerts, but increasingly frequent and sophisticated attacks, the volume of alerts, and the need for rapid detection and remediation have led to a shift to more modern solutions. Azure Sentinel is a cloud-native SIEM and SOAR solution backed by Microsoft’s advanced telemetry, providing a single solution for alert detection, investigation, remediation, and proactive hunting.

Our Azure Sentinel POC offers a low-risk way to see how your organisation could benefit from Azure Sentinel and gives you a demonstration of its advanced threat detection, response, and hunting capabilities.

Project Phases

Discovery – We will gather business and technical requirements and review your current security operations, including: existing SOC tools and platforms; security policies and procedures; use cases, rules, and alerts; identification of data sources; and remediation automation discovery.

Design – We will define and agree the POC plan and desired outcomes with you, and agree the data sources to configure for the pilot.

Implementation – Following the design, we will set up Azure Sentinel in your tenant, integrate the agreed data sources (CEF or Syslog data sources for the POC), import threat intelligence, add custom alerting rules and automation playbooks, and develop custom dashboards and analytics.

Review & Handover – Following the implementation, we present the Azure Sentinel pilot and show discovered threats, demonstrate key areas such as automated remediation and threat hunting, and discuss next steps.

Following the POC, we can provide project handover documentation and work with you to advance your Azure Sentinel deployment. If you are looking for a Managed SIEM or a fully Managed CSOC service, we can onboard you into our managed security services.