Sentinel Foundations - 6 week Implementation

The proliferation of platforms, data, users and mobility is creating new challenges for security teams. Visibility and manageability are hard to attain, let alone staying on top of endless alerts and tool updates. Microsoft Sentinel, the Microsoft cloud-based Security Information and Event Management System (SIEM), was created to provide a whole new level of control and visibility across the entire IT security environment. Microsoft Sentinel lets you combine and analyse security data from all your users, endpoints and infrastructure to make threat protection smarter and faster. The platform offers built-in and third party capabilities such as Threat Intelligence, Machine Learning, Security Orchestration and Automated Response. How we help Insight’s Microsoft Sentinel Foundations offers expert-led workshops that combine training and assessment of your security environment. Centred around best practices for cloud and security, this engagement familiarises your team with Microsoft Sentinel and provides you with a working environment you can begin using right away. Our goal is to help you meet your transformation goals — and move forward securely with confidence. We’ll work collaboratively with your team using a three phase approach: Discovery and Assess Phase

• We’ll begin by exploring your organisation’s current security strategy, goals and requirements.
• We will educate your key stakeholders on Microsoft security services and Microsoft Sentinel.
• Through whiteboarding sessions, we will review the Microsoft Sentinel build and the strategies and best practices to be leveraged for the design.

Implementation and Threat Analysis Phase

• We will deploy and configure Microsoft Sentinel and create a log analytics workspace to analyse your data.
• We will connect up to three existing Microsoft data sources, such as Advanced Threat Protection, Office 365 and Cloud App Security, into your Microsoft Sentinel SIEM.
• Three weeks of data ingestion will be monitored and a threat exploration report will be generated.

Next Steps and Roadmap Phase

• The assessment report and technical design document will be provided.
• The threat analysis review will be presented to your key stakeholders, providing recommendations on next steps.
• A transformation roadmap will also be delivered, providing guidance on how to best maximise your Microsoft Sentinel investment and further mature your organisation’s security posture.