Launch of "MSS for Microsoft Sentinel Advanced" to support early detection and initial response to incidents

Launch of "MSS for Microsoft Sentinel Advanced" to support early incident detection and initial response

~Collecting and integrating logs from various security products, setting optimal analysis rules according to the customer environment, and providing highly accurate manned monitoring by security analysts 24 hours a day, 365 days a year~

SB Technology Corp. (Headquarters: Shinjuku-ku, Tokyo, President ＆ CEO: Shinichi Ata, hereinafter referred to as "SBT") is pleased to announce the launch of MSS for Microsoft Sentinel, which supports early detection and initial response to incidents using Microsoft Co., Ltd. 's cloud SIEM solution "Microsoft Sentinel *1" Advanced" will be available on September 20, 2023.

This service collects and integrates logs and alerts from various security products used by customers into Microsoft Sentinel *2, and provides automatic monitoring and highly accurate manned monitoring by security analysts 24 hours a day, 365 days a year. This is a service that we provide. SBT 's security analysts will check and analyze the detected alerts, and will notify you of early incident detection and countermeasure plans. SBT continuously adjusts the analysis rules for detecting incidents even after the service has been introduced to maintain the optimal state according to the customer's environment.

MSS for Microsoft Sentinel Advanced:
https://www.softbanktech.co.jp/service/list/managed-security-service/mss-for-azure-sentinel/

■Background

Due to the increase in cyber attacks and the diversification and sophistication of their methods, there is a growing need for incident detection and prompt investigation and analysis after they occur. On the other hand, in addition to the lack of human resources with specialized security knowledge and product handling technology, it is necessary to continually adjust analysis rules to determine the importance of the large number of alerts reported daily. As a result, an increasing number of organizations are having problems making full use of SIEM products. Furthermore, since incident decisions are made by humans, specialized knowledge of security products and services, as well as security knowledge to judge what is currently happening, is required.
SBT has started offering "MSS for Microsoft Sentinel Advanced" to solve these issues by leveraging the knowledge of security product operation and monitoring that SBT has cultivated over the years. In order to provide this service, we will set up a specialized team and strengthen our response.

■Service overview

The service contents of "MSS for Microsoft Sentinel Advanced" are as follows.

・Service features

1) Compatible with various security products: Logs and alerts from various security products used by customers can be collected and integrated into Microsoft Sentinel for monitoring. Since logs stored in customer-owned tenants are directly monitored, there is no need to provide log data containing confidential information externally.

2) Available 24 hours a day, 365 days a year: We provide highly accurate security monitoring through a combination of automatic monitoring and manned investigations. By having analysts investigate alerts that are difficult to do with automatic monitoring alone, we support the initial response to incidents.

3) Optimization of analysis rules: Our experienced engineers will set up the optimal analysis rules for your environment. Even after implementation, analysis rules are maintained in an optimal state through daily operation.

4) Microsoft 365 E5 Security Detailed Analysis (Optional): Detailed investigation: We will log in to the management screen of each product and conduct an investigation based on the customer's request.
Suppressive response: Based on the customer's request, we will implement temporary measures against the incident.

5) On-demand research (optional): Based on the suspicious information provided by the customer, we use Microsoft Sentinel's "hunting" function to investigate and analyze it.

■Provision start date

Wednesday, September 20, 2023

For more information on "MSS for Microsoft Sentinel Advanced", please click here.
https://www.softbanktech.co.jp/service/list/managed-security-service/mss-for-azure-sentinel/

■Future outlook

In the future, SBT will expand the security products that can be supported by this service, and will also expand the system management services for those products.

*1 Microsoft Sentinel is a security solution (SIEM) that centrally manages logs from all IT devices such as network products and security products, and detects threats that can lead to incidents through correlation analysis, and automates and streamlines security operations. A next-generation technology that analyzes and analyzes the behavior of users and entities (IT systems, equipment, etc.) and detects signs of unknown threats and attacks (UEBA) in the cloud. It is a type platform.
*2 Products that can support monitoring: https://learn.microsoft.com/ja-jp/azure/sentinel/data-connectors-reference/

*MSS for Microsoft Sentinel Advanced is a service of SBT 's security solution brand "NOZ SECURITY." https://www.softbanktech.co.jp/noz/security/
*Company names, product names, and service names mentioned in this release are registered trademarks or trademarks of each company.
*Microsoft, Azure, and Microsoft Teams are registered trademarks or trademarks of Microsoft Corporation in the United States and other countries.
*Microsoft 365 is the name of a service provided by Microsoft Corporation.

Contact information regarding this press release

● SB Technology Corp. Public Relations Department
E-mail: sbt-press@tech.softbank.co.jp