Managed Threat Hunting: 10-Week Implementation


Simplifying Security Ops on Azure Sentinel - Managed Threat Hunting

As the digital revolution continues, cybersecurity is a core business requirement to protect critical business processes, assets and data from cyber attacks. A key component of cybersecurity is security monitoring. Moving business operations to the cloud has become ever more popular; a consequence is a more diverse attack surface and fragmented security tooling that is more expensive and more difficult to manage. Traditional on-premises SIEM solutions hinder the digital revolution: they are often unsuitable for ingesting and analyzing logs from multi-cloud environments, costly to buy and maintain, and difficult to scale. By combining Azure Sentinel with KPMG security operations advisory services, your organization’s security operations tooling can be right on track.

Azure Sentinel is a cloud-based SIEM-SOAR solution offering ‘limitless cloud speed and scale’ combined with AI and built-in orchestration and automation of common tasks, with native integration with Microsoft products such as Office 365 as well as other cloud solutions and on-premises logs.

During this 10-week implementation, KPMG will:

  1. Develop the SecOps Transformation programme, including a simplified architecture, migration from legacy security tooling, requirements (log sources, use cases) and integration with existing legacy security tooling
  2. Build ready-to-go playbooks for common use cases (Office 365, phishing, etc.), create custom playbooks, configure log forwarders and activate built-in and/or custom security dashboards
  3. Integrate Sentinel alerts with the client’s existing incident management and/or ticketing systems
  4. Provide one-off training
  5. Conduct a one-off “system health check” 30 days after implementation acceptance