Do you want to raise the IT security level of your company? Thanks to our comprehensive offer in this area, you can do this easily and cost-effectively. We will help you implement ISO 27001 and switch to IT process management. We will also provide IT infrastructure security monitoring through SOC as a Service, fully protecting your entire Microsoft environment (Office 365, Windows, Azure). You can also use our help when implementing Azure Sentinel and other IT security systems of various classes, including permission management, DLP, encryption, and SIEM.
SOC as a Service
Security of Microsoft Cloud computing solutions
O365, Windows 10, Azure
We configure and manage cloud-based tools to ensure the security of data, users, and devices in the O365, Windows 10, and Azure environments.
Workstation attack protection
- We configure and manage Windows Defender ATP, which detects and blocks threats using advanced file and process behavior monitoring and other heuristic (proactive) methods.
- Extensive reports present an up-to-date list of notifications about computers/machines in the network.
Azure Sentinel – SIEM as a Service
We specialize in the configuration and management of the SIEM and SOAR cloud system - Azure Sentinel.
Configuration, management, and maintenance
- Continuous improvement of the configuration of existing monitoring rules and "playbooks".
- Support for the service and the process of classification and escalation of applications.
- Availability monitoring of all log sources (cloud and on-premises).
- Integration with customer notification registration systems.
- Personalized report panels displaying the most important metrics.
- Integration with open source proactive threat analysis systems.
- Management and implementation of integration with local client systems - Sentinel agent.
- Regular notifications and monitoring of the maintenance costs of the SIEM service.
- Monthly review of the service status.
Azure Sentinel Service deployment
- Assessment of the existing infrastructure, requirements collection, and SIEM cloud service valuation.
- Build and configure a pre-release of Azure Sentinel.
- Overview of event and device log types - both in the cloud and on local systems.
- Assessment of the legitimacy of their migration to the cloud. The client can select the data source for the event logs.
- Support in connecting sources of event logs.
- Creating notifications and "playbooks" based on available scenarios.
- Configuration and optimization of notifications.
- Optional: The customer can select the Managed Agent service to collect, process (parse), index, and redirect event logs to Azure.
- Knowledge transfer and creation of customer documentation.
Implement our solutions to increase your company's IT security
- Systems allowing you to manage mobile devices and to ensure their security.
- Antivirus and antimalware systems.
- Data Control Systems (DLP).
- Intrusion Detection and Prevention Systems (IPS / IDS).
- Firewalls and UTM systems.
- Security information and event management (SIEM) systems.
- Web application protection (WAF) solutions.
- Scanning and managing vulnerabilities.
Our consultants will also help you define policies, procedures, and instructions in the area of security.