Built on Azure Cloud Services, our MSSP SOC service is a managed security service that combines the power of the Azure Sentinel platform with the benefits of Hacknowledge services and expertise.
Our Azure Sentinel MSSP SOC Service, our managed Azure Sentinel SIEM service, is tailored to increase the organization's visibility into its security posture and to help it better respond to cybersecurity incidents. Our managed service includes:

• Deployment and configuration of Azure Sentinel SIEM in the customer's Azure subscription and activation of the Azure/Office 365 Data Connector. Our team will assist customers in deploying Azure Sentinel and onboarding the logs.
• Configuration of a starter pack of more than 20 analytic rules (detection use cases) related to the log sources for monitoring activities (such as Azure AD, Office 365, SharePoint Online, Azure Activity, etc.).
• SIEM support during security incidents: Managed Sentinel has extensive hands-on experience managing complex security breaches and will support the customer during security incidents with analytics, threat hunting and custom reporting.
• Continuous Use Case Tuning: The most valuable component of a managed SIEM service is the continuous tuning of alerts and playbooks in order to stay aligned with the current threat landscape.
• Threat Intelligence configuration to enrich the collected data and add valuable detection use cases.
• Hacknowledge Sensor (physical or virtual) to enrich logs and detection with vulnerability scanner, IDS, honeypots, log collector and more.
• Regular Service Review: The Managed Sentinel SOC team meets regularly with the customer to review and collect feedback and new requirements on alerts, playbooks and workbooks.

Note 1: This service will run in the customer's dedicated Azure subscription.