MXDR Shield: 4-Wk Implementation

MXDR Shield leverages Microsoft’s Azure Sentinel SIEM & XDR technology combined with Long View’s 24x7 Security Operations Center (SOC) to secure your Microsoft cloud ecosystem (Office365, OneDrive, Teams, Azure, Microsoft 365 Defender, Dynamics 365).

MXDR SHIELD DEPLOYMENT Our SOC experts will professionally setup Sentinel in your Azure workspace, including deployment of our proven expert rulesets & automated playbooks that will automatically respond to threats & other suspicious activities including workstation or user quarantine in near real-time. Your company’s system administrators will be notified while our 24x7 SOC triages to provide you with the best course of action for remediation. Automation can be leveraged to trigger playbooks developed by Long View to quarantine workstations (endpoints) or suspend user access during malicious behavior. Other threats may require triage by Long View’s skilled SOC team. This is all achieved with a second instance of Sentinel via Azure Lighthouse, located in Long View’s SOC which is linked & synchronized to the client’s workspace to investigate & respond as required.

ACTIVITIES & OUTCOMES

• Turn on Sentinel application in Client workspace.
• Apply initial Long View Custom Rule Sets & Long View Custom Playbooks. Add or modify Custom Rule Sets & Custom Playbooks as new threats are discovered.
• SOC monitors multi-tenant instance of Sentinel as oversight of all Client Sentinel instances and triage alarms, validate successful automation & ensure Client notification &/or Client intervention when required.
• Maintain Client specific Security Escalation Document (SED).
• Document & record all Security incidents in accordance to Long View Integrated Global Services best practices.
• Provide Client monthly report of security incidents & actions as evidence of Sentinel automation, SOC & Client interventions.
• Monitoring scope includes Azure Active Directory logs & sign-ins, Office 365 logging & Threat Intelligence Indicators.