LAB3 Security Insight - Rapid Sentinel Onboarding (minutes not months)

Cybersecurity management can quickly become costly and inefficient, requiring highly specialised skills and software.  Azure Sentinel is a cloud native Security Information and Event Manager (SIEM) platform. 

Our goal is to implement cybersecurity measures that are continuously enriched and tuned using Sentinel’s own native AI and ML capabilities, combined with LAB3’s real world experience and automation expertise.

LAB3 Benefits:

• Microsoft Threat Protection Advanced Specialisation
• Automated deployments with optional DevSecOps Lifecycle management
• IP Library for rapid deployment of native and custom
  • Data Connectors
  • Workbooks (Dashboards)
  • Alerts
  • Analytic Rules / Hunting
  • Playbooks (SOAR)
• Integration with IT operation tools (eg ServiceNow) through Azure Logic Apps
• Operation and cost optimisation for events and logs storage
• LAB3 Hybrid Log Ingestion Appliance to accelerate log ingestion from 3rd party, traditional and cloud sources to Azure Sentinel

Approach:

• Project Initiation and Kick Off
• Assess existing environment
• Conduct workshop(s) with stakeholders to establish the requirements, constraints and parameters for the Azure Sentinel solution
• High-Level Design development
• Deploy and configure Azure Sentinel SIEM services
• Review of Azure Sentinel consumption per log source of a minimum of 2 weeks period
• Tuning and optimisation of Azure Sentinel SIEM and log volume ingestion as per the agreed findings and recommendations
• Hypercare support
• Runbook and operational documentation 
• Conduct handover workshop with your operational support team