Devoteam M Cloud - Sentinel Accelerator

Cloudeon A/S

Start your cloud-native SIEM with Azure Sentinel. We fast-track your implementation: design, deployment, and the start of your hunting!

With Devoteam M Cloud Sentinel Accelerator, you will have a production-ready Sentinel implementation, delivered in 3 weeks, improving security visibility across multi-cloud and hybrid platforms.

A known problem in cybersecurity is how hard it is for organisations to realise they have been compromised. Some organisations have had data leaks for several years without noticing. The issue is not only data leaks but the way security has been managed until now. Typical incident response methods are reactive: security teams have to wait for a visible sign of an attack. The current problem is that a rising number of attacks are targeted, focused on the company’s data, and invisible!

Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.

Devoteam M Cloud Sentinel Accelerator will help your SOC get up to speed with hunting, responding to, measuring and preventing threats across cloud and hybrid infrastructure.

Scope:

  • Integration with company’s Microsoft Azure estate, on-prem and other cloud resources (up to 5 connectors)
  • Configuration of threat intelligence sources and hunting capability
  • Set-up of alert rules based on Microsoft alert catalog
  • Enabling workbooks based on connectors and playbooks
  • Advice on Azure log volume and cost optimization related to Sentinel
  • Documentation of all stages of the implementation

Process:

  • Kick-off session and definition of connectors requirements
  • Workshop with relevant stakeholders
  • High-level design delivery
  • Implementation of Sentinel
  • Tuning and optimization after 1 week of data collection from connectors
  • Documentation and handover session

Outcome:

  • Design and high-level architecture of the deployed solution
  • Production-ready Sentinel deployed
  • Analytic rules and playbook based on Microsoft operational practice
  • POC dashboard
  • Documentation

Time frame:

  • The Accelerator usually takes 3 weeks, if the required permissions and relevant stakeholders are available

Price:

  • Price is fixed based on the scope above
  • With special or increased customer requirements, Devoteam M Cloud can adjust and expand the scope