Microsoft Security

Microsoft offers a set of comprehensive cloud and analytics powered security solutions through Azure and M365 security. This greatly helps protect enterprise users, devices, data, apps and infrastructure with reduced cost and complexity.

Leaders-Tech helps organizations to strategize, design and rapidly deploy comprehensive security and compliance controls leveraging the Microsoft security stack.

• Security assessment/workshops, zero-trust aligned strategy and roadmap for Azure and M365 adoption
• Digital IAM transformation using Azure Active Directory for Business-to-employee (B2E), Business-to-business (B2B) and Business-to-consumer (B2C)
• Modern workplace security and compliance transformation leveraging M365 security, compliance and privacy management
• Secure landing zone for Azure cloud workloads (i.e.: enterprise apps, SAP etc.) and continuous security and compliance monitoring and remediation leveraging automation
• Implement compliance controls such as PCI DSS, NIST or CIS for Azure workloads
• Information protection, governance, privacy and compliance program strategy, implementation and service leveraging M365 and Wipro’s frameworks
• Privacy by design and discovery of privacy data risks and mitigation services leveraging M365 Privacy Management, Wipro’s framework and integrated solutions

Leaders-Tech provides comprehensive threat management lifecycle support by using Azure Sentinel through design, build, and managed services.

• Secure Design Advisory
  • Traditional SIEM vs. Cloud-Native SIEM & SOAR comparative study
  • Risk assessment of existing setup
  • Review existing on-premise SIEM
  • Review existing use cases
  • Review existing multi-cloud and on-premises log sources
  • Design log sources and plan the integrations
  • Design Sentinel alerts, workgroups
  • Design threat intel feeds
• Secure Implementation
  • Azure Sentinel Subscription
  • Define and integrate the log sources
  • Define and integrate the threat intel
  • Define and configure Sentinel alerts, workbooks, playbooks
  • Define and configure data connectors
  • Define and integrate the log parsers
  • Define and customize the Azure Sentinel dashboard and reporting
  • Define and configure the ML models in the threat intel model

1. Sentinel Deployment
2. Log analytics architecture, retention and cost optimization
3. Sentinel as Code Deployment
4. Required Data Sources and custom connectors
5. Detection and Query Writing
6. Detection Framework
7. Automation Capabilities and Playbooks
8. RBAC
9. Working model
10. Workbooks
11. Threat Intelligence ingestion and correlation
12. Enhancing your alerts and increasing fidelity
13. Incident Response guidance.
14. Standard Operating Procedures
15. Compliance Requirements

The Microsoft 365 suite of security products gives you comprehensive solutions, intuitive management, and identity-driven security to help you stay productive and secure on any device.

1. Configure permissions, external sharing and data compliance setting  
2. Enable Multi factor authentication and Self-Service Password Reset  
3. Exclude Trusted Locations for MFA  
4. Set up audit logging - saves user activities in case of any breach  
5. Conditional Access policies  
6. Enable Litigation hold on all mailboxes  
7. Disable legacy authentication  
8. Enable Data Loss Prevention  
9. Alert set up for suspicious activities E.g single user mass download, logon from a risky IP address.  
10. Email Protection: Safe links, attachments, Anti-Spam, Anti-Phishing.

Azure Information Protection (AIP) is a cloud-based solution that enables organizations to discover, classify, and protect documents and emails by applying labels to content.

• Empowers organizations to discover, classify, and protect documents and emails by applying labels to content
• Configure policies to classify, label, and protect data based on its sensitivity
• Add classification and protection information for persistent protection ensuring the data remains protected
• Track activities on shared data and revoke access if necessary
• Share data safely with coworkers, customers, and partners

1. Securing your Azure infrastructure
2. Security review of deployed infrastructure
3. Logging and Monitoring. Achieving single pane of glass.
4. RBAC
5. Azure Security Center deployment and usage.
6. Security Orchestration, Automation and Response
7. Incident Response
8. Cloud Forensics and Logs Analysis
9. Container Security

• Azure Security Architecture
• Azure Security Center and Azure Sentinel deployment
• Azure Sentinel: Detection writing, workbook writing, custom data connectors, custom automations (logic apps), deployment, Sentinel as Code
• Incident Response Cloud and On-Prem
• Azure and Azure Active Directory Hardening
• EDRs and Host Investigations
• Office365 Policies.
• Intune Hardening Policies for Endpoints