For the past decade, SIEM deployments have been considered a panacea for the entire information security field. The great hope is that a single tool can be used as the focal point for an information security team in its cyber defense operations.
With the release of Microsoft Azure Sentinel SIEM as a true cloud-based service, the effort, cost and time needed to deploy and configure the SIEM have been significantly reduced.
Managed Sentinel Inc. can help your organization get your Azure Sentinel instance up and running in no time. We know all the typical SIEM deployment challenges, and our Azure Sentinel experts have completed many successful installations for customers of various sizes.
As part of our Azure Sentinel SIEM deployment, Managed Sentinel Inc. will:
- Perform an assessment of existing infrastructure to understand the customer SIEM needs
- Provide an initial SIEM infrastructure design matching customer environment
- Educate customer on projected Azure consumption for the final SIEM solution
- Build and configure the Azure Sentinel cloud instance in the customer's Azure tenant
- Review log types and devices, both on-premises and in the cloud, and educate the customer on relevant log sources to be included in SIEM analytics
- Assist customer with the on-premises log sources on-boarding activities
- Create a set of Sentinel alert rules and playbooks matching the customer needs and remediation capabilities
- Complete initial tuning of alert rules
- Create custom workbooks/dashboards for both security and operational teams
- Perform a knowledge transfer and Sentinel platform training for customer’s SOC team
- Optional: Customer may opt to use the Managed Sentinel Agent for centralized log collection, parsing and indexing