User Shield: 4-Wk Implementation

Long View Systems

Comprehensive and straightforward security services leveraging leading partners and technologies

User Shield leverages Microsoft’s Sentinel SIEM technology combined with Long View’s 24x7 Security Operations Center (SOC) to secure not only your Microsoft cloud ecosystem (including Office 365, OneDrive, Teams, Azure, and Microsoft 365 Defender) but also your on-prem environment and SaaS applications.

USER SHIELD DEPLOYMENT

Our SOC experts will professionally set up Sentinel in your Azure workspace, including deployment of our proven expert rulesets & automated playbooks that will automatically respond to threats & other suspicious activities, including workstation or user quarantine, in near real-time.

Your company’s system administrators will be notified while our 24x7 SOC triages to provide you the best course of action for remediation. Automations can be leveraged to trigger playbooks developed by Long View to quarantine or suspend user access during malicious behavior (specific licenses are required). Other threats may require triage by Long View’s skilled SOC team, which is achieved via a connection to the client’s tenant leveraging Azure Lighthouse.

ACTIVITIES & OUTCOMES

  • Turn on Microsoft Sentinel in Client workspace.
  • Apply initial Long View Custom Rule Sets & Long View Custom Playbooks. Add or modify Custom Rule Sets & Custom Playbooks as new threats are discovered.
  • The Long View SOC monitors the Client’s instance of Sentinel as oversight, triages alarms, validates successful automation & ensures Client notification &/or Client intervention when required.
  • Maintain Client-specific Security Escalation Document (SED).
  • Document & record all security incidents in accordance with Long View Integrated Global Services best practices.
  • Provide Client monthly report of security incidents & actions as evidence of Sentinel automation, SOC & Client interventions.
  • Monitoring scope includes Azure Active Directory logs & sign-ins, Office 365 logging & Threat Intelligence Indicators. Third-party connectors and server coverage are available for an additional cost (Firewalls/Switches/Wireless controllers, etc.).
