ANS' Microsoft Sentinel Workshop: 2-Week Implementation

ANS' Microsoft Modern SecOps Workshop will enable you to accelerate your modern SecOps journey into Microsoft Azure at pace. This Workshop is focused on the Microsoft Sentinel technology and best practice architecture, creating a foundation for you to fully adopt a SecOps process through all your infrastructure at cloud scale, enabling you to see and stop threats before they cause harm.

ANS will work to understand your current security landscape; helping to define both on-premise and cloud-based Sentinel integration.

The engagement will deliver a fully functional production-grade Microsoft Sentinel environment ready for data to be ingested and served. This can either be for a PoC / proof of value or at an enterprise scale to highlight the solutions capabilities and how it can keep your organisation secure. This will enable you to:

1. Collect data at cloud scale- collect data across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
2. Detect threats - detect previously uncovered threats and minimise false positives using analytics and unparalleled threat intelligence from Microsoft.
3. Investigate threats - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft.
4. Respond to incident - Rapidly respond to incidents with built-in orchestration and automation of common tasks.

This Workshop will be delivered with infrastructure as code allowing the future possibility for agile iteration using SecDevOps, be that PoC to production or another environment for the enterprise scale version. For the enterprise scale version, all environments are backed by Azure DevOps and using code repositories to allow configuration and pipelines to flow from Dev to UAT, and UAT to Production seamlessly. We will provide 5 custom connectors to illustrate the compatibility and agility of the Microsoft Sentinel Platform.

What is included?

• Deployment of Microsoft Sentinel on a limited set of services guided by ANS engineers.
• Once the Trail is completed you will be given the means to deploy at scale the services to the rest of your environment.

How long does it take?

• Usually delivered over 2-3 weeks

Who needs to be involved?

• Security Architects
• Architects
• Cloud/Desktop Engineers
• IT Leads

What are the benefits?

• Deployment of Microsoft Sentinel guided by ANS engineers built to best practice to trial Microsoft Sentinel.
• A Production ready implementation ready to be scaled to the rest of your services after a successful trial.