Cloud SIEM Azure Sentinel Implementation for a World-Leading Medical Products and Solutions Company in Sweden

Cloud SIEM – Sentinel Implementation and operation and possible automation.

01. Customer was not having functional SIEM solution for a long time.

02. Lack of knowledge on selecting the right SIEM for their organization and to set up the right operational support.

03. Lack of automated incident response.

04. Playbook automation for a streamlined incident management flow and to integrate with the incident management tool.

Performed detailed assessment of the SIEM applications, proposed and implemented best recommended architecture and upgraded the complete setup to latest stable versions.
Provided customer with a viewpoint that helped them select Sentinel as a SIEM/SOAR solution against the other SIEM solutions.
LTM proven cloud SIEM Implementation/migration methodology and framework to identify the data source for SIEM connector.
Delivered a comprehensive Sentinel SIEM Designing, Deployment and Implementation.
Enriched Data collection rule to reduce unwanted events and advanced correlation rule.
Managed content development, customized all reports as per the customer requirement.
Handled real-time security monitoring and alerting from LTM Global Converged SOC.

Migrate from Qradar to MS Sentinel helped customer achieve improved SIEM correlation.
Significantly improved Cyber Risk Posture.
Reduced Alert Fatigue.
Playbook Automation resulted in better detection & notification with less rules (thus less administrative overhead).
Custom App Function created for the Cisco product to provide telemetry which was otherwise not available via standard out-of-box connectors.

90+
Covered all the data sources and integrated with the ready-made connector and used syslog server for customized connector
90%
Enhanced security incident management with the Next-gen SOC implementation
>65%
Improved efficiency and automated triaging solution