Minimum Sentinel Services Scope

Integrity Partners Sp. z o.o.

Deploy Azure Sentinel in the customer’s environment

Target: Deploy Azure Sentinel in the customer’s environment, performing remote monitoring and optionally, threat hunting, demonstrating basic visibility that the solution can provide on customer environment.

•    Active Azure Subscription
•    Log Analytics workspace (if you do not have one, it will be created for you).
•    Contributor permissions to the subscription in which the Azure Sentinel workspace would resides.
•    Contributor or reader permissions on the resource group that the workspace belongs to.
•    Additional permissions may be needed to connect specific data sources.
•    Acknowledgment of Azure Sentinel pricing (that is a paid service)

End Product:
•    Implemented cloud native SIEM for chosen log sources.
•    Enhanced Security visibility across cloud and on-premise environment
•    Customer gets environment to prioritize and mitigate potential threats.
•    Defined deployment roadmap for the production deployment of Azure Sentinel.
•    Defined next steps based on their needs and objectives.