2. More than 10 years of IT experience, working with the Microsoft team and partners to deliver
Microsoft solutions. Specializes in the following Microsoft technologies and solutions:
- Microsoft Cloud Solutions (Private, Public, Hybrid and Multi-Clouds)
- Windows Server (AD DS, Hyper-V, and Infrastructure Services)
- System Center (System & Device Management and Others)
- Windows 10/11 Enterprise Services (Deployment, Security, and Others)
4. Top Cybersecurity Concerns
Attacks like ransomware are increasing
Costs are increasing
Organizations are feeling the pressure
1. “Cyber Resilience”. May 2021, Microsoft Security Insider.
2. “The State of Ransomware 2021.” Sophos, April 2021.
5. Human operated ransomware
Defending against Attacks
- Supply Chain Attacks
- Business Email Compromise
- Phishing
- Credential Theft
- Insider Threats
- Human-Operated Ransomware
6. Security Operations
“Is the Overall Process of Using Collected Data and Analyzing them for Potential Anomalous Behavior that may indicate a Threat or Attack.”
7. SIEM + SOAR | Microsoft Sentinel
XDR | Microsoft Defender
- Microsoft 365 Defender: Email/docs, Endpoints, Identities, Apps
- Microsoft Defender for Cloud: SQL, Server VMs, Containers, Network traffic, IoT, Apps
- Non-Azure workloads
Deliver End-to-End Security across Your Organization
Security Operations Center (SOC)
9. Microsoft Defender for Cloud
Streamline Security Management
Strengthen Multi-Cloud Security Posture
- Secure Score
- Policies and compliance
- Automation
- Leveraging Azure Arc
Protect your Azure Native, Multi-Cloud and Hybrid Workloads
- Servers - EPP/EDR, Security alerts
- Container services
- Databases and storage
- For Azure service layers
- For IoT devices
- Vulnerability Assessment
- Security Baseline
CSPM | CWPP
10. Full-Stack Coverage with Dedicated Detections
Compute Service Layer
Databases and Storage
AWS workloads, GCP workloads, On-premise workloads
11. Microsoft Sentinel
SIEM (Security Information and Event Management): Aggregates events and alerts from numerous solutions to correlate intelligence. The consolidated view streamlines threat hunting and allows for automated remediation or assisted investigation.
SOAR (Security Orchestration and Automated Response): A stack of compatible software programs that allows an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance.