Let Us Deploy Azure With You

Microsoft Azure Planning and Design

Azure Sentinel is the industry’s first cloud-native SIEM (Security Information and Event Management) solution. More than just a log engine, its available playbooks and countless Azure Logic Apps make it a leading SOAR (Security Orchestration, Automation, and Response) solution as well. If you’re using Microsoft 365 and Azure services, Sentinel should be front and center in your Security Operations Center.

With our seasonal staffing needs, our deployment of Azure AD Single Sign-On was a big win. It enabled us to reduce password resets and lockouts that plagued our HR and IT teams. The reduction in time spent and aggravation is immeasurable.

Les Kidwell, Director of Technology Solutions at National Aquarium

Moving National Aquarium To The Cloud


There are two common scenarios we see with our clients concerning Digital Transformation. The first is an organization that is unfamiliar with the possibilities of the Cloud and needs guidance on what is possible. The second is an organization that has started to move a workload or two into Azure without a formal plan, only to find cost overruns. Both could benefit from our guidance in creating a transformation plan.

The result was a scalable plan for expansion that can realize the intended ROI, along with a decrease in Help Desk hours spent on password resets thanks to Azure Identity and AD Single Sign-On. We also trained the IT audit staff to understand and manage costs going forward, bringing costs under control for a more predictable, better-managed Azure environment.



Major Questions Answered

Why use a SIEM/SOAR?

  • Too many logs with too few people to review them means risks are left unattended. 76% of firms report an increase in security data, but 44% of alerts are never investigated.
  • The global shortfall of cybersecurity resources will soon leave 3.5 million jobs unfilled.
  • SIEMs, and especially SOAR systems, provide the automation needed to manage security at scale.

Why cloud-native?

  • On-prem SIEMs are complicated to set up and run, and are ill-suited to modern clouds.
  • Logs shipped from O365 and most Azure services are free.
  • Limitless scalability has allowed at least one Sentinel customer to handle up to 400,000 events per second while ingesting 100 GB per day.
  • Because it is so simple to turn up and use, it provides rapid ROI.

How does it work?

  • Logs can be ingested from Microsoft services, on-prem systems (servers and security appliances), and AWS.
  • Microsoft's machine learning triages thousands of alerts into a manageable number of incidents that require analysis.
  • Sentinel provides visuals, recommended actions, integrations to ITSM tools, proactive hunting, and playbooks to automate remediations.

Advice To Get Started

  • Sentinel is a detection and response solution, not a protection solution. Getting fundamental security controls in place (e.g., MFA, DLP, patching) before using a SIEM will maximize your SOC's efficiency.
  • Trying Sentinel is simple, as is connecting it to your Office 365 resources. Setting up the connectors to on-premises appliances and building playbooks is more of a process. Contact us with questions or for assistance.
