Azure Sentinel 10-Wk Implementation

PwC

Rapidly integrate Azure Sentinel-driven TDR capabilities into your existing IT estate, replace your existing SIEM, or implement a new cyber operations capability from the ground up.

PwC has developed two managed cyber operations solutions which rapidly integrate Azure Sentinel-driven threat detection and response (TDR) capabilities into your existing IT estate. Whether you are looking to replace your existing SIEM or implement a new cyber operations capability from the ground up, PwC and Microsoft can help you.

PwC's Rapid Release:

  • Deploy and manage your TDR solution within 100 days
  • Develop custom content (e.g., SIEM use cases, DLP policies, custom data source connectors, etc.)
  • Established processes and automation via a hybrid on-site and remote team
  • Continuous optimization and tuning

Weeks 1 through 3 - Analyze and Design phases

  • Understand current capabilities (if any)
  • Define business and technical requirements
  • Identify log data sources and use cases
  • Identify default and custom connectors
  • Develop future-state capabilities roadmap

Weeks 4 through 10 - Deploy, Integrate and Build phases

  • Onboard Azure Sentinel and workspaces
  • Develop custom connectors
  • Onboard log and data sources
  • Develop and configure use cases
  • Develop SOPs and related documentation
  • Start transition to PwC’s CyberOps services team

PwC's Rapid Replace:

  • Migrate your existing SIEM use cases, data sources, and customizations to Azure Sentinel
  • Integrate your other TDR investments into Azure Sentinel
  • Develop custom connectors for data sources not currently supported by Azure Sentinel by default

Weeks 1 through 3 - Analyze and Design phases

  • Assess current SIEM design, content, and data sources
  • Identify content and data sources to migrate
  • Identify required connectors, including custom connectors to be created
  • Develop detailed migration plan

Weeks 4 through 10 - Deploy, Integrate and Build phases

  • Onboard Azure Sentinel and workspaces
  • Develop custom connectors
  • Onboard log and data sources
  • Develop and test use cases
  • Migrate SIEM functionality to Azure Sentinel
  • Develop SOPs and related documentation