Sentinel HealthCheck: Assessment


A one-day assessment service to improve your Microsoft Sentinel deployment

The basic set-up of Microsoft Sentinel is reasonably easy, enabling you to handle security incidents and receive data analysis right out of the box. But expert advice is needed to ensure the full game-changing capabilities of the solution are leveraged to the max.

We see a number of common issues:
• The original SIEM may continue to be in use, which is time-consuming and costly
• Non-Azure cloud platforms may not be integrated
• Sentinel may not be connected into 3rd party solutions
• Security appliances for syslog and CEF forwarding may be log intensive and noisy
• Excessive time may be spent handling thousands of alerts with poor prioritisation and poor visibility across the business

This is where our one-day health check can help. Our security engineers interrogate your Sentinel environment using view-only access. We provide an assessment across a number of key areas: threat intelligence, logs and connectors, fidelity and visibility, investigation and data enrichment, as well as advising on overall health and tuning.

Our service includes:
• Scoping session to understand your business requirements and infrastructure
• Analysis of all log sources for fidelity, visibility and value
• Assessment of your current threat hunting and gathering of threat intelligence
• Reviewing of your alerting rules and playbooks
• Recommendations on response automation and MDR
• A full cloud security assessment

The results of the health check are presented back to you on completion. Our recommendations include a clear roadmap to help you improve your deployment of Sentinel to ensure you are leveraging the full capabilities, operating efficiently and deriving maximum value from the solution.

Effectively assessing and deploying Microsoft Sentinel into our clients’ businesses is what we do each day – and we have the awards and customer recommendations to prove it. Please get in touch to find out more.