Defend Against Threats with SIEM plus XDR - Proof of Concept

Grupo Bravco S.A.

Our fully managed service provides a cost-effective approach to event collection and collation, threat detection, incident investigation and rapid response. We combine this with th

This proof of concept demonstrates threat identification, protection and automated response through the combination of Microsoft Defender for Endpoint and Microsoft Sentinel. Defender for Endpoint provides endpoint-level visibility of threats, vulnerabilities and the device secure score; once that telemetry is collected in Sentinel, SIEM analytics rules add the context needed to correlate the raw events and raise them as security incidents.

At the end of the demonstration you will have:

  • A baseline set of Microsoft Defender for Endpoint rules implemented
  • Threat detection and security dashboards for endpoints
  • Microsoft Defender events collected in Sentinel, with analytics rules detecting on them
  • A demonstration of our CSOC service: triage exercises and investigation of Defender events
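As an illustration of what "Defender events collected in Sentinel, with analytics rules detecting on them" looks like in practice, the following KQL is an added example written for this page by the editor; it is not part of Grupo Bravco's PoC content or Microsoft's own rule templates. It assumes the Microsoft Defender XDR data connector is forwarding Defender for Endpoint process telemetry into the Sentinel workspace's DeviceProcessEvents table. The one-hour lookback and the command-line patterns are assumptions to be tuned to the estate being monitored.

```kusto
// Editor-added example: a scheduled Sentinel analytics rule over Defender for
// Endpoint process telemetry (DeviceProcessEvents). It flags PowerShell started
// with an encoded command or with execution-policy bypass, two common ways to
// keep script content out of plain-text logging. Run it on a 1h schedule with a
// 1h lookback so each execution sees each event once (assumed values).
let lookback = 1h;
DeviceProcessEvents
| where TimeGenerated > ago(lookback)
| where FileName in~ ("powershell.exe", "pwsh.exe")
// -e, -enc and -EncodedCommand are all accepted by PowerShell; match them as a
// standalone switch followed by whitespace. RE2 syntax, case-insensitive.
| where ProcessCommandLine matches regex @"(?i)\s-e(?:nc(?:odedcommand)?)?\s"
     or ProcessCommandLine matches regex @"(?i)\s-e(?:p|xecutionpolicy)\s+bypass"
// Pull out the base64 blob so the analyst sees it without reading the whole
// command line. PowerShell encodes it as UTF-16LE, so decode it in the triage
// tooling rather than in the query.
| extend EncodedPayload = extract(@"(?i)\s-e(?:nc(?:odedcommand)?)?\s+([A-Za-z0-9+/=]{20,})", 1, ProcessCommandLine)
// Parent process matters for triage: PowerShell spawned by Office or a browser
// is far more suspicious than PowerShell spawned by an admin console.
| project TimeGenerated, DeviceName, AccountDomain, AccountName,
          InitiatingProcessFileName, InitiatingProcessCommandLine,
          ProcessCommandLine, EncodedPayload, SHA256, ReportId
| order by TimeGenerated desc
```

When saved as a scheduled rule, map DeviceName to the Host entity and AccountName (with AccountDomain) to the Account entity so that Sentinel groups repeated hits on the same device into one incident and the CSOC analyst lands on the device page in Defender for Endpoint directly from the incident. Expect noise from legitimate management tooling that uses -EncodedCommand; add an exclusion on InitiatingProcessFileName for those agents rather than loosening the match.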

This service includes:

  • 24/7 Detection & Response - Highly skilled analysts with eyes on glass around the clock for triage and rapid response
  • SIEM/SOAR Enhancement - Development of new detection content and automation capabilities around Microsoft Sentinel, the cloud-native SIEM and SOAR
  • Customised Reporting - Reports built on the intelligence and analytics capabilities of Azure Log Analytics