Solution Brief BlueVoyant Core: MDR For Microsoft (Managed Detection .


Solution Brief

BlueVoyant Core: MDR for Microsoft (Managed Detection and Response)

Unite MDR with Microsoft Sentinel and Microsoft Defender XDR

New approaches to cybersecurity are needed more than ever. The exponential growth in remote employees and the acceleration of digital transformation initiatives have expanded the attack surface for companies big and small. Security teams that are already stretched struggle to connect and construct integrated technology solutions from multiple vendors, many of which were only designed to operate in legacy environments. These integration complexities, combined with a lack of security resources and training, can force painful compromises, and the unrelenting attacks from cyber criminals make securing the organization a seemingly unattainable goal.

A cloud-native, fully-integrated security solution helps companies operate safely in today’s interconnected world. To bring this vision to life and help our clients achieve their business and security outcomes, BlueVoyant has partnered with Microsoft. In addition to making a significant investment in people, process, and technology, BlueVoyant offers clients an end-to-end portfolio of consulting, implementation, and managed security services, all powered by Microsoft’s security technologies and designed to expand on your existing Microsoft security tools investment. We call this automation portfolio and 24x7 human security services MDR for Microsoft.

Today’s sophisticated cyber attacks are no longer exclusive to endpoints. They are multifaceted and target identities, email, infrastructure, cloud platforms, servers, databases, and more. Endpoint-centric detection and response solutions alone do not provide the visibility and response capabilities required to identify and neutralize broader attacks.

Your data is the lifeblood of your business. With data privacy now front and center globally and the costs of cloud consumption rapidly increasing, customers want their data to stay within their environment. While other Managed Security Service Providers (MSSPs) require data to be sent to their infrastructure and data centers for analysis, BlueVoyant’s service allows you to keep your data in your own environment, reducing cost and ensuring stronger compliance.

MDR for Microsoft provides a complete portfolio of Microsoft security-focused services, including a customized deployment of Microsoft security tools, ongoing management and maintenance, as well as 24x7 MDR, protecting you from cyber threats and providing continuous security posture improvement.

Consulting and Implementation

Are you maximizing your Microsoft security tools’ capabilities? If not, we can help. With MDR for Microsoft, you don’t need to be an expert to take your security and compliance posture to the next level. Our Accelerator services are focused consulting engagements designed to get you up and running quickly and maximize your investment in Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Endpoint security technologies. BlueVoyant performs a detailed analysis of your environment(s) and provides actionable security insights, leveraging the BlueVoyant catalog of prebuilt playbooks and alert rules.

What’s included:
– A detailed assessment of your risks
– Guidance on how to best use Microsoft-powered solutions and deployments
– Configuration assistance to meet your unique requirements

Solution Features

Microsoft Sentinel Accelerator
– Infrastructure setup
– Integration with MDR monitoring
– Log source ingestion
– Incident response playbook creation
– Alert and SOAR configuration
– Knowledge transfer
– Security controls deployment
– Initial alert tuning and optimization

Microsoft 365 Defender Accelerator
Defender for Endpoint; Defender for Identity; Defender for Office 365; Cloud App Security (MCAS)
– Infrastructure setup
– Policy tuning
– Configuration
– Integration with MDR monitoring
– Integration with SIEM
– Security controls deployment

To learn more about BlueVoyant, please visit our website at www.bluevoyant.com or email us at contact@bluevoyant.com

MDR

MDR for Microsoft activates 24x7 monitoring, detection, investigation, hunting, and response capabilities to augment Microsoft security tools and to work alongside customer security tools and personnel.

Microsoft Sentinel: Monitoring and investigations of infrastructure and log alerts surfaced via Microsoft Sentinel.

MDR for Microsoft 365 Defender: Monitoring, investigations, and remediation for Microsoft 365 content, with the Microsoft 365 security signals.

MDR for Microsoft Defender for Endpoint: Monitoring, investigations and remediation for Azure PaaS and IaaS services, with the Microsoft Defender for Endpoint security signals.

Solution Features

24x7 MDR for Microsoft
– Alert triaging and investigation
– Threat hunting
– Unlimited remote incident response
– Access to BlueVoyant library of 500-plus customized alert rules, 80-plus data connectors, and playbook automations
– Threat eradication
– Threat intelligence
– Environment security health monitoring
– Concierge Support included
– Escalations and notification as appropriate
– Log source collection, optimization

Proactive threat hunting by BlueVoyant security analysts can be purchased as an optional add-on with all MDR for Microsoft services.

BlueVoyant Core: MDR for Microsoft is a powerful solution that can incorporate security logs from the entire Microsoft security toolset as well as many third-party technologies.

Rather than sending BlueVoyant your logs and receiving alerts back, our security experts operate inside your environment. Watch in real time as they enrich investigations, raise alerts and close incidents, directly within your Microsoft Sentinel environment.

MDR for Microsoft supports the entire Microsoft security suite, including:

Microsoft Sentinel
A cloud-based security information and event management (SIEM) tool.

Microsoft 365 Defender
An extended detection and response (XDR) platform designed to natively integrate with Microsoft Sentinel. (This includes all Microsoft 365 Defender services - for Endpoint, Office 365, Identity and Cloud App Security).

Microsoft Defender for Endpoint
A platform that provides XDR capabilities for infrastructure and cloud platforms including virtual machines, databases, and containers.

Benefits

Reduce the level of risk faced by your organization
– 24x7 monitoring by our cybersecurity experts reduces your daily operational burden, allowing your team to focus on more strategic security activities.
– Automation and AI capabilities instantaneously identify and respond to the most serious threats.

Optimize your cloud spend
– As part of your deployment, we will review all of your security log sources and recommend which ones you need and which ones you don’t. BlueVoyant clients can expect to see up to a 40% optimization in Azure log ingestion costs.
– A full array of regulatory compliance reporting capabilities so you know where you stand and can reduce the time needed to deliver audit reporting.

Ongoing technical support and customer success
– You will be assigned a Technical Customer Success Manager (CSM) during the onboarding process. Your CSM will serve as your primary point of contact into BlueVoyant and collaborate with both you and our internal teams to synthesize your feedback and ensure it is routed properly for action. Your CSM is laser-focused on ensuring that you are getting the most value out of your service at all times.

Fast time to value
– BlueVoyant has helped many clients design and implement Microsoft security tool deployments. Our well-defined and battle-tested processes will have you up and running quickly.
– As part of the MDR for Microsoft service, you will also have access to the BlueVoyant Security Operations Center 24x7. Every time you call, you’ll speak to a human who will immediately address your concerns.
– Incident responses that can’t be automated are tagged for evaluation by your team and can be integrated with your IT service management ticketing systems.

Lower your total cost of ownership
– Deploy the Microsoft Security tools you already have access to as part of your M365 E3, E5, EMS or Business Premium License.
– Eliminate the time and cost of managing disparate security hardware and software technologies.

BlueVoyant converges internal and external cyber defense capabilities into an outcomes-based, cloud-native platform called BlueVoyant Elements. Elements continuously monitors your network, endpoints, attack surface, and supply-chain as well as the open, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full spectrum cyber defense platform. BlueVoyant’s approach to cyber defense revolves around three key pillars — technology, telemetry, and talent — that deliver rock-solid cyber defense capabilities to more than 700 customers across the globe.
