Built on Azure Cloud Services, our MSSP service is a managed security service that uses the power of the Azure Sentinel platform and the benefits of Azure Logic Apps.
Light Azure Sentinel MSSP Service, our managed Azure Sentinel SIEM service, is tailored to increase the organization's visibility into its security posture and to better respond to cybersecurity incidents. Our managed service includes:
Deployment and configuration of Azure Sentinel SIEM in the customer's Azure subscription and activation of the Office 365 Data Connector. Our team will assist the customer in enabling auditing in Office 365.
Configuration of more than 25 alert rules related to the Office 365 data source for monitoring activity in SharePoint Online, Exchange Online and OneDrive.
SIEM support during security incidents: Managed Sentinel has extensive hands-on experience managing complex security breaches and will support the customer during security incidents with analytics, threat hunting and custom reporting.
Teams and DLP Security Monitoring: Configure a custom API function to extract events related to these workloads and publish them into Azure Sentinel Log Analytics. Additional alert rules will be configured for these events.
Continuous Use Case Tuning: The most valuable component of a managed SIEM service is the continuous tuning of alerts and playbooks to stay aligned with the current threat landscape. Managed Sentinel has over 20 years of experience in cybersecurity monitoring.
Embedded Threat Intelligence: Our proprietary machine learning algorithm and dark web discovery are leveraged to enrich the collected data and expedite cybersecurity investigations.
Regular Service Review: The Managed Sentinel SOC team meets regularly with the customer to review and collect feedback and new requirements on alerts, playbooks and workbooks.
Note 1: This service will run in the customer's Azure subscription.
Note 2: This service is restricted to Office Activity events only.