Deploy Azure Sentinel in the customer’s environment
Target: Deploy Azure Sentinel in the customer’s environment, performing the threat exploration and optionally, the threat hunting phase, together with the customer, providing additional readiness for the customer’s SecOps resources to allow them to manage the solution as part of their existing SOC. Filling in the existing environment with the proper content, through the transforming business requirement to technical use-cases according to the relevant security threats.
End Product: • Implemented cloud native SIEM for chosen log sources. • Enhanced Security visibility across cloud and on-premise environment Customer has properly implemented ruleset that grants tailed threats monitor that essential to this specific environment. • Customer aware of the main workflow, capabilities and features of the product, prepared to monitor and respond to threats in the proper way.