{"id":53235,"date":"2024-08-12T08:45:52","date_gmt":"2024-08-12T06:45:52","guid":{"rendered":"https:\/\/www.secuinfra.com\/?p=53235"},"modified":"2024-08-12T09:04:49","modified_gmt":"2024-08-12T07:04:49","slug":"zipped-down-from-1-week-to-1-day-our-efficient-managed-detection-and-response-mdr-onboarding","status":"publish","type":"post","link":"https:\/\/testing.secuinfra.com\/en\/news\/zipped-down-from-1-week-to-1-day-our-efficient-managed-detection-and-response-mdr-onboarding\/","title":{"rendered":"Zipped down from 1 week to 1 day &#8211; our efficient Managed Detection and Response (MDR) onboarding"},"content":{"rendered":"<p class=\"wp-block-paragraph\">Our optimized Managed Detection and Response (MDR) onboarding process delivers fast and effective protection for the most common points of attack: endpoints, identities and email. Utilizing Microsoft Defender and Sentinel plays a crucial role.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Protection_of_the_most_important_points_of_attacks\"><\/span><strong>Protection of the most important points of attack<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Our MDR approach focuses on three key areas:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1. <strong>endpoints<\/strong>: protecting clients, servers and mobile devices as well as IoT and OT devices.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2. <strong>identities<\/strong>: protecting employee accounts.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3. 
<strong>email security<\/strong>: protection against threats delivered by email.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Rapid_onboarding_with_Microsoft_technologies\"><\/span><strong>Rapid onboarding with Microsoft technologies<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Using the Microsoft Defender and Sentinel interfaces, we can quickly configure and monitor customer environments. The onboarding process typically involves the following steps:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1. Configure access to the customer&#8217;s Defender environment (approx. 15-45 minutes)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2. Configure access to the Sentinel environment and, if necessary, set up Sentinel (approx. 15-45 minutes, depending on whether Sentinel is already deployed)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3. Configure the connection between Sentinel and Defender (15-30 minutes)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">4. Check the Defender configuration (30-60 minutes)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">5. Configure Sentinel content rules and UEBA (User and Entity Behavior Analytics) (30-60 minutes)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After these steps, we already receive data and can actively monitor parts of the customer environment.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Rollout_and_continuous_monitoring\"><\/span><strong>Rollout and continuous monitoring<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Following the initial setup, two main rollout steps are arranged with the customer:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1. rollout of the Defender EDR client on prioritized systems (e.g. Active Directory domain controllers, key servers and workstations)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2. 
installation and configuration of Defender for Identity<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After the full setup, we can see and react to alarms in near real time. Tuning is still required, but we already have a good overview of the security situation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Standardized_process_with_individual_adjustments\"><\/span><strong>Standardized process with individual adjustments<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Our onboarding process is standardized, which enables rapid implementation. Nevertheless, we take the specific characteristics of each customer into account and create customized solutions. Our Cybersecurity Advisor discusses escalation processes and incident response measures with the customer.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Increased_efficiency_through_modern_technologies\"><\/span><strong>Increased efficiency through modern technologies<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Setting up a SIEM (Security Information and Event Management) system used to be a time-consuming and complex procedure. By relying on a combination of XDR (Extended Detection and Response) and SIEM within the Azure cloud, we have considerably simplified and accelerated this process. 
Microsoft\u2019s technology, together with the software distribution and MDM (mobile device management) solutions that are already in place at most customer organizations, is a key factor in rapid implementation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Advantages_at_a_glance\"><\/span><strong>Advantages at a glance<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Rapid deployment of Microsoft Sentinel: enables a quick service start; custom logs are handled as a separate task.<\/li>\n\n\n\n<li>Activation and configuration of Microsoft Defender: according to the best practices of our core Defender XDR expert team.<\/li>\n\n\n\n<li>Defender for Endpoint: pre-installed on all Windows devices and easy to activate through software distribution.<\/li>\n\n\n\n<li>Distribution to Linux, macOS and mobile devices: through the customer&#8217;s MDM solution.<\/li>\n\n\n\n<li>Tuning of alarms and connection of custom logs: takes place during operation, ensuring basic protection from day one that is continuously expanded.<\/li>\n\n\n\n<li>Advice on reducing the attack surface and vulnerability management: takes place during operation after the initial tuning phase.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Thanks to this optimized onboarding process, we offer our customers a fast and effective entry into the world of managed detection and response, with a focus on security, efficiency and customization. Request <a href=\"https:\/\/testing.secuinfra.com\/en\/managed-detection-and-response\/microsoft\/\">MDR for Microsoft<\/a> now.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our optimized Managed Detection and Response (MDR) onboarding process delivers fast and effective protection for the most common points of attack: endpoints, identities and email. 
Utilizing Microsoft Defender and Sentinel plays a crucial role.<\/p>\n","protected":false},"author":33,"featured_media":53237,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[60],"tags":[705],"dpc_coauthors":[],"class_list":["post-53235","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-mdr-en"],"acf":[],"_links":{"self":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/53235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/comments?post=53235"}],"version-history":[{"count":0,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/53235\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media\/53237"}],"wp:attachment":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media?parent=53235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/categories?post=53235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/tags?post=53235"},{"taxonomy":"dpc_coauthors","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/dpc_coauthors?post=53235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}