Have you invested in MS Sentinel but would like some extra assistance to ensure utilisation and efficiency?

The ‘Microsoft Azure Sentinel Acceleration Programme’ is designed specifically for organisations interested in MS Sentinel and in leveraging as much of its functionality as possible. The programme is deployed via an agreed number of days, delivered over an agreed period.

You will work with one of our senior SIEM engineers and security specialists. The agreed period enables the feeds to be ingested and gives you appropriate time to develop your awareness and ask any questions that you may have.

Throughout the process, the SIEM Engineer, SOC Analysts and Security Consultants are available to support the project.

Our Projects are carried out in two phases:

Phase One: Onboarding/Knowledge

Kick-off workshop to cover roles and responsibilities, systems to be monitored, and documentation requirements

Full system overview and deep dive into functionality

Produce a plan, write-up, and documentation covering how the solution will address the requirements

Identify or build out data source connectors, event collectors and parsing rules for log sources

Provide further value by making rule set and optimisation improvement recommendations

Phase Two: Build Effectiveness

CyberCrowd follow the CREST Cyber Security Incident Response Guide, which follows a Prepare, Respond and Follow Up methodology.

During Phase Two, we propose that this methodology is implemented, providing an additional assurance for both stakeholders and customers.

CyberCrowd can also work on bespoke rules and use cases as well as heavy tuning of the environment to get to the lowest achievable FPP (False positive possibility).


