What is the Sentinel Starter Kit?
The Sentinel Starter Kit introduces, establishes, and provides a framework for working with Microsoft Sentinel. It is designed to provide a solid foundation based upon Microsoft best practices for your Microsoft SIEM.
By ingesting data from standardised sources, a valuable view of your environment is generated, enabling enhanced visibility, control and automated response through customised Workbooks (dashboards) and Playbooks (automation). Over the course of several months, Azured’s experts work to tune and refine your instance of Microsoft Sentinel, categorising and prioritising incidents whilst building upon your automated responses.
Once the starter kit has been completed, the organisation has complete flexibility in expanding its Sentinel service to include new data sources, enhanced visibility and automated remediation of threats, delivering a usable SIEM, ready to grow in the direction of your choosing.
Key features and benefits
The Sentinel Starter Kit answers:
Where do I start?
- Building a Microsoft best practice aligned Sentinel instance
- Standardised data sources, workbooks and playbooks
- Peace of mind from Microsoft best practices
Where do I go?
- Ongoing Sentinel tuning and improvement
- Improve security posture
How can I get there?
- Cadence calls to provide ongoing direction and advice
- Monthly review of incidents identified by the service
- Not overcooking your deployment, matching your need to the size of the deployment
Many organisations spend years deploying their SIEM, to the point where it's never really “ready” and is always in a state of development. Azured’s Starter Kit delivers a working Sentinel instance that will generate immediate value whilst providing a foundation to build upon.
Is the Sentinel Starter Kit right for my business?
The Sentinel Starter Kit is an ideal first step into Sentinel adoption. It is best suited for organisations that:
- Want enhanced visibility and security using Sentinel
- Do not want a SOC, but want management and control of their Sentinel instance
- Want support only when they need it (to understand an incident or problem)
- Want regular check-ins to walk through the integrity of their environment
- Have a strategic investment in Microsoft technologies