Setting a framework to build on, the Sentinel Starter Kit is the first step toward intelligent cybersecurity.
What is the Sentinel Starter Kit?
The Sentinel Starter Kit introduces, establishes, and provides a framework for working with Microsoft Sentinel. It is designed to provide a solid foundation based upon Microsoft best practices for your Microsoft SIEM.
By ingesting data from standardised sources, a valuable view of your environment is generated, enabling enhanced visibility, control and automated response through customised Workbooks (dashboards) and Playbooks (automation). Over the course of several months, Azured’s experts work to tune and refine your instance of Microsoft Sentinel, categorising and prioritising incidents whilst building upon your automated responses.
Once the starter kit has been completed, the organisation has complete flexibility in expanding its Sentinel service to include new data sources, enhanced visibility and automated remediation of threats, delivering a usable SIEM, ready to grow in the direction of your choosing.
Key features and benefits
The Sentinel Starter Kit answers:
Where do I start?
- Building a Microsoft best practice aligned Sentinel instance
- Standardised data sources, workbooks and playbooks
- Peace of mind from Microsoft best practices.
Where do I go?
- Ongoing Sentinel tuning and improvement
- Improve security posture
- Cost-efficiency
How can I get there?
- Cadence calls to provide ongoing direction and advice
- Monthly review of incidents identified by the service
- Not overcooking your deployment, matching your need to the size of the deployment
Many organisations spend years deploying their SIEM, to a point where its never really “ready” and always in a state of development. Azured’s Starter Kit delivers a working Sentinel instance that will generate immediate value whilst providing a foundation to build upon.
How does it work?
1. Setup
The customer’s Microsoft Sentinel environment is configured, all standard connectors are deployed, and log data starts to flow into the Sentinel service.
2. Configuration
The Azured security team will create customised watch lists and dashboards for you to see activity in your environment.
3. Tuning
The final stage focuses on fine-tuning your environment. The team monitors the service and continually matures it, looking for patterns of common incidents to whitelist, escalate or resolve, producing key insights into the environment. Working closely with an organisations IT team to ensure incidents are appropriately categorised, prioritised and responded too, whilst identifying opportunities for automation (through playbooks).
It the Sentinel Starter Kit right for my business?
The Sentinel Starter Kit is an ideal first step into Sentinel adoption. It is best suited for organisations which;
- Want enhanced visibility and security using Sentinel
- Do not want a SOC, but want management of control of their Sentinel instance
- Want support only when they need it (to understand an incident or problem)
- Want regular check-ins to walk through the integrity of their environment,
- Has a strategic investment within Microsoft technologies
Telstra’s official Sentinel solution for SMB’s
Telstra recognises The Sentinel Starter Kit by Azured as their solution of choice for small-medium sized businesses looking to adopt Microsoft Sentinel.