DGS can support its customers in implementing Detection & Response techniques according to the MITRE ATT&CK Framework, leveraging the Microsoft Azure Security Platform.
Security leaders are seeking event management solutions with capabilities that support early attack detection, investigation and response.
The aim is to minimize attack remediation time by leveraging Detection & Response techniques according to the MITRE ATT&CK Enterprise Framework. The solution uses the Microsoft Security Ecosystem, with Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Azure Defender and Azure Sentinel, to enable automated attack response.
The solution accelerates the identification of an attack and maps it to MITRE's techniques with specific Rules.
Driven by these techniques, remediation Actions or Playbooks are implemented in accordance with the maturity of the company's cyber security infrastructure.
Below is a typical project timeline template, which will be customized according to customer needs (R: responsible, C: consulted):
The project's deliverable is a package composed of SIEM Rules, SOAR Playbooks, CWPP Alerts and Actions, and optimized configurations.
With the "DGSATT&CK powered by Microsoft" solution, customers will be able to reduce the Detection & Response time (Dwell Time), reduce the TCO and improve efficiency.