https://store-images.s-microsoft.com/image/apps.28008.15058f3c-5aa8-4ba4-8f01-31a4ed2a9a5d.9751003f-349b-4044-9517-0c6ff510d529.f2ad2b5d-0954-49ef-a5b1-f28d5275c916
Platform Security - Managed Service
Cognizant
Platform Security - Managed Service
Cognizant
Platform Security - Managed Service
Cognizant
Cognizant Microsoft Business Group's managed Platform Security service complements / integrates with your existing IT services, enabling your team to focus on providing great user support and working on initiatives that deliver significant business value.
Platform Security provides a comprehensive and cost-effective security management service for your infrastructure platforms. It is designed to be used by customers looking for an accredited Microsoft service partner to help manage the security of their Microsoft infrastructure platforms. The Platform Security managed service complements and integrates with your existing IT services, enabling your team to focus on providing great user support and working on initiatives that deliver significant business value, while Cognizant Microsoft Business Group efficiently handles the operational activities normally associated with managing security concerns for platform infrastructure.
1. Core Services for included technologies:
a. Escalate potential major security incidents for further investigation with client teams & contracted security providers
b. Participate in major incident investigations that involve Platform Security
c. Maintain Detection/Risk level runbook to define customer expectations for detection investigation
d. Review, advise on and assist with implementing recommendations provided by “Microsoft Secure Score”
e. Maintain high-risk entity list – entities that may be targeted due to their role or position, including employee typical location, travel locations, executive assistants, or infrastructure components with increased sensitivity
f. Recommend new security capabilities and add to a Platform Security roadmap (when the ‘Service Management and Governance’ service is purchased)
g. Monthly Platform Security Summary Report (when the ‘Service Management and Governance’ service is purchased)
2. Defender for Endpoint (servers):
a. Investigate and remediate endpoint security alerts
b. Network Isolation or Live Response of endpoints as required
c. Review and approve remediations for Automated Investigations
d. Review and maintain Attack Surface Reduction configuration
e. Review and maintain Next-Generation Protection configuration
f. Review and maintain Hardware-based Isolation configuration
g. Review and report on discovered vulnerabilities
h. Review and hunt for indicators of the latest threats
3. Defender for Cloud:
a. Investigate and remediate Defender for Cloud alerts
b. Maintain and monitor compliance to Azure Security policies
c. Monitor and advise on action for Defender for Cloud recommendations
d. Configure advanced cloud defense services such as Just-In-Time VM access
4. Microsoft Sentinel:
a. Investigate and remediate alerts
b. Configure and maintain data sources and connectors
c. Configure and maintain Analytics (detection) rules
d. Configure and maintain Workbooks (dashboards)
e. Configure and maintain Playbook automations
f. Review and hunt for indicators of the latest threats
1. Core Services for included technologies:
a. Escalate potential major security incidents for further investigation with client teams & contracted security providers
b. Participate in major incident investigations that involve Platform Security
c. Maintain Detection/Risk level runbook to define customer expectations for detection investigation
d. Review, advise on and assist with implementing recommendations provided by “Microsoft Secure Score”
e. Maintain high-risk entity list – entities that may be targeted due to their role or position, including employee typical location, travel locations, executive assistants, or infrastructure components with increased sensitivity
f. Recommend new security capabilities and add to a Platform Security roadmap (when the ‘Service Management and Governance’ service is purchased)
g. Monthly Platform Security Summary Report (when the ‘Service Management and Governance’ service is purchased)
2. Defender for Endpoint (servers):
a. Investigate and remediate endpoint security alerts
b. Network Isolation or Live Response of endpoints as required
c. Review and approve remediations for Automated Investigations
d. Review and maintain Attack Surface Reduction configuration
e. Review and maintain Next-Generation Protection configuration
f. Review and maintain Hardware-based Isolation configuration
g. Review and report on discovered vulnerabilities
h. Review and hunt for indicators of the latest threats
3. Defender for Cloud:
a. Investigate and remediate Defender for Cloud alerts
b. Maintain and monitor compliance to Azure Security policies
c. Monitor and advise on action for Defender for Cloud recommendations
d. Configure advanced cloud defense services such as Just-In-Time VM access
4. Microsoft Sentinel:
a. Investigate and remediate alerts
b. Configure and maintain data sources and connectors
c. Configure and maintain Analytics (detection) rules
d. Configure and maintain Workbooks (dashboards)
e. Configure and maintain Playbook automations
f. Review and hunt for indicators of the latest threats
https://store-images.s-microsoft.com/image/apps.5069.15058f3c-5aa8-4ba4-8f01-31a4ed2a9a5d.9751003f-349b-4044-9517-0c6ff510d529.81abcb42-3732-47bc-b238-56832e1172c0
https://store-images.s-microsoft.com/image/apps.5069.15058f3c-5aa8-4ba4-8f01-31a4ed2a9a5d.9751003f-349b-4044-9517-0c6ff510d529.81abcb42-3732-47bc-b238-56832e1172c0
https://store-images.s-microsoft.com/image/apps.4139.15058f3c-5aa8-4ba4-8f01-31a4ed2a9a5d.9751003f-349b-4044-9517-0c6ff510d529.0ee4a63a-a1e8-4a29-b6ad-ca0b11eff66a