
TELUS Managed SIEM Advanced - Microsoft Sentinel

TELUS communications

TELUS Managed Security Information and Event Management (SIEM) Advanced deploys and manages your Microsoft Sentinel SIEM, providing you with 24/7 security monitoring, detection and response.

Microsoft Sentinel, the foundational technology of the TELUS Managed SIEM Advanced offer, is a cloud-native Security Information and Event Management (SIEM) solution that significantly enhances an organization's threat detection and overall security posture. By deploying and managing Microsoft Sentinel, TELUS provides 24/7 security monitoring, detection, and response. This proactive approach allows for earlier identification of threats through thoughtfully configured use cases, alerts, and reports. The continuous monitoring ensures that high-severity alerts are validated by experienced Security Operations Centre (SOC) teams, improving the effectiveness of security operations and reducing pressure on internal IT resources.

TELUS Managed SIEM Advanced provides the 24 x 7 x 365 support you need (available in English and French) to effectively detect and block threats, improve your cybersecurity posture and enable you to easily demonstrate regulatory compliance.

The integration of Microsoft Sentinel is central to the deployment activities of TELUS Managed SIEM Advanced, ensuring continuous monitoring and protection throughout the service lifecycle. We provide experienced security experts to guide your service through implementation and transition to our Security Operations Centre (SOC). All work is performed remotely during business hours, with after-hours cutover available.

Planning and requirements gathering: During this initial phase, the scope of log sources for ingestion into Microsoft Sentinel is defined, and reporting and alert use cases are selected for initial delivery. This ensures that Sentinel is configured to monitor the most critical assets and infrastructure from the outset.

Analysis and deployment: Log sources are enabled to ingest data into Microsoft Sentinel, and analytic rules specific to these sources are enabled and tuned. Verification of log reception and configuration of alerts for "silent" log sources further ensure comprehensive coverage.

Content development and transition to SOC: Analytic rules are scoped to relevant systems, users, and data within Sentinel, and exceptions are identified. Selected analytic rules are then enrolled within the TELUS SOC Security Monitoring Service, and the service is configured to receive alerts and establish SOC alert handling procedures. This transitions tuning responsibility to the TELUS SOC, leveraging their expertise.

Tuning: Ongoing tuning activities involve reviewing received events to optimize data ingestion and improve the content quality of the generated SIEM output. Pre-operational alert tuning with the TELUS SOC ensures that analytic rules meet established volume targets and exclude known issues.

24 x 7 x 365 security monitoring: Once deployed, the TELUS SOC will provide near real-time 24 x 7 x 365 monitoring of security alerts. Our analysts will evaluate security alerts for validity and risk per agreed handling processes, and share qualified alerts with you, along with their context. We will provide supporting data and evidence (logs) to help you understand and address the alert and protect your organization from cybersecurity threats.
