Defend Against Threats with SIEM Plus XDR: 5-Week Workshop

DynTek Inc.

5-week workshop on how to leverage Microsoft Sentinel, Microsoft 365, XDR and more to provide enhanced threat protection

Organizations today are managing a growing volume of data and alerts while dealing with tight budgets and vulnerable legacy systems. Get help achieving your broader security objectives—and identify current and real threats—by scheduling a Defend Against Threats with SIEM Plus XDR Workshop. We can help you develop a strategic plan customized for your organization and based on the recommendations of Microsoft experts in security. You’ll gain visibility into immediate threats across email, identity, and data, plus clarity and support on how to upgrade your security posture for the long term. You will also experience how leveraging Microsoft Sentinel, and the power of Azure, will enable you to build next-gen security operations with cloud and AI.

Given the volume and complexity of identities, data, applications, devices, and infrastructure, it’s essential to learn how secure your organization is right now, and how to mitigate and protect against threats moving forward. By attending this workshop, you can:

  • Identify current, ongoing security threats in your cloud environment
  • Walk away with actionable next steps based on your specific needs and objectives
  • Document your security strategy for the benefit of key stakeholders
  • Better understand how to accelerate your security journey using the latest Microsoft Azure and Microsoft 365 security tools

During this workshop, we’ll partner with you to strengthen your organization’s approach to cybersecurity. We’ll help you better understand how to prioritize and mitigate potential attacks, with:

  • Deep analysis of cyberattack threats that are found targeting your organization
  • Actionable recommendations to help immediately mitigate the identified threats
  • A detailed assessment of your IT and security priorities and initiatives, direct from cybersecurity pros
  • An inside look at Microsoft’s holistic approach to security, and how it relates to your organization
  • Demonstrations of integrated security, including the latest Microsoft Azure and Microsoft 365 tools and methods
  • Long-term recommendations from Microsoft experts about your security strategy, with key initiatives and tactical next steps

The Defend Against Threats with SIEM Plus XDR Workshop consists of modules which can be standalone or can be delivered through activities in multiple phases of the engagement. The Defend Against Threats with SIEM Plus XDR Workshop also has common activities that cover certain general aspects. These are:

  • Pre-engagement Call
  • Prepare and send Defend Against Threats with SIEM Plus XDR Workshop Questionnaire
  • Kick-off Meeting
  • Define Scope
  • Next Steps Discussion

Module 1: Microsoft Sentinel - Experience Microsoft Sentinel and the power of Azure to find threats in the environment.

Module 2: Threat Check - Use selected Microsoft Azure and Microsoft 365 security products and features to gain visibility into threats to your Microsoft 365 cloud across email, identity, and data.

Module 3: Endpoint Protection - Gain insights on active threats and weaknesses related to your Windows 10 and Windows 11 endpoints.

Module 4: Hybrid Identity Protection - Gain insights on active threats and weaknesses related to your Active Directory.

PHASE / ACTIVITY

Week 1 – Pre-engagement

  • Pre-engagement Call
  • Prepare and send Defend Against Threats with SIEM Plus XDR Workshop Questionnaire
  • Fill in and send back Defend Against Threats with SIEM Plus XDR Workshop Questionnaire
  • Review Defend Against Threats with SIEM Plus XDR Workshop Questionnaire

Week 1-2 – Readiness [Optional]

  • Microsoft Sentinel Overview
  • Microsoft 365 Defender Overview
  • Microsoft Defender for Office 365 Overview
  • Azure Active Directory Identity Protection Overview
  • Microsoft Defender for Cloud Apps Overview

Week 2 – Engagement Setup

  • Kick-off Meeting
  • Define Scope
  • Change Management
  • Threat Check - Configuration
  • Microsoft Sentinel – Configuration

Week 2-4 – Data Collection

  • Cloud Discovery Log collection

Week 5 – Exploration and Report Generation

  • Threat Exploration
  • Report Generation

Week 5 – Workshop Day

  • Result Presentation
  • Customer Conversations
  • Customer Cost Savings Conversation [Optional Module]
  • Microsoft Security Demos
  • Next Steps Discussion

Week 5 – Engagement Decommissioning

  • Engagement Decommissioning