ThreatHunter Implementation 3 weeks

CISO’s face constant challenges. Supply chain attacks are trending. Ransomware demands are spiking. Threats evolve faster than existing tools can detect, and skilled resources are in demand. This often leaves alerts unaddressed, and SecOps teams reacting rather than building better defenses.

Microsoft’s Magic Quadrant-leading security tools aren’t optimized by default. Each organization must make specific configurations to protect valuable targets, automate alerts, and proactively remediate.

Microsoft Gold Partner Enabling Technologies provides ThreatHunter: consulting, configuration, and training services to help organizations protect, detect, and respond to risks. This engagement does not require the clients resources and time for the whole project as some of the Three weeks are running the applications to determine threats and need no client involvement.

Week 1 - Reduce Ransomware Risk

• Configure Microsoft 365 Defender for Identity and sensors on two AD Domain Controllers on-premises
• Configure the Microsoft 365 Defender for Endpoint portal and onboard up to 10 machines
• Design up to two Endpoint Protection (Surface Area Reduction) policies and on up to 10 machines
• Enable Microsoft 365 Defender Device Groups and Role-Based Access Controls for Automation

Week 2 - Modernize SecOps

• Configure Microsoft 365 Cloud App Security and Azure AD to alert or block compromised accounts
• Configure SafeLinks and SafeAttachments to latest best practices
• Configure Azure Sentinel

1. Proactively reduce risk of catastrophic events
2. Constantly monitor for nefarious behavior on critical systems
3. Receive actionable insights about incidents before they spread
4. Empower staff to efficiently detect and respond to incidents
5. Automate whenever possible

Week 3 - Training