Skip to content
Microsoft Sentinel building

Microsoft Sentinel
Proof of Concept (POC)

Experience What is Possible

With Microsoft Sentinel SIEM/SOAR

Use Sentinel License or Existing SIEM

Whether you already have a Microsoft Sentinel license, or if you have a separate SIEM tool altogether, Quzara will demonstrate the value of adding Microsoft Sentinel to your Security Operations technology stack.​

Why Microsoft Sentinel?

Microsoft Sentinel delivers a cloud SIEM that scales based on your workload. Sentinel offers the following capabilities: Threat Hunting, Threat Intelligence, User and Entity Behavior Analytics (UEBA), and Security Orchestration Automation & Response (SOAR).

POC for Microsoft Sentinel

After identifying key use cases and value points, we deploy Sentinel and Defender XDR to a pilot group for a four-week period, report our findings, and give you the option to scale directly to production.

There are 5 steps involved in delivering the POC

  • 02 DESIGN
  • 04 ANALYZE
  • 05 DELIVER

We will hold a series of preliminary meetings (including a kickoff call) to determine the overall scope of the engagement and capture key considerations and success criteria. This step will cover:

  • Defining the size of the deployment
  • Agreeing on event and log sources
  • Guidance for design and deployment considerations
  • Understanding logical access requirements
  • Identifying key stakeholders and their requirements
  • Agreeing on the success criteria

In this design step, our team of security analysts and engineers design use cases and key technical requirements. This step will cover:

  • Documenting the delivery plan
  • Creating & implementing use case detections
  • Process design
  • Define reporting requirements​
  • Agreement of any additional requirements

The technical implementation and enablement of Microsoft’s security solutions will cover

  • Enablement & configuration of key technologies
  • Technology deployment
  • Implementation of use case detection rules
  • Deployment of any required remedial actions
  • Implementation of identified integrations
  • Implementation of approved areas of automation
  • Implementation of agreed process
  • Delivery of short stand-up reporting sessions

In the Analyze step we work with key stakeholders to analyze alerts and incidents. This step will cover:

  • Management of alerts and incidents
  • Analysis and collation of triggered use cases
  • Weekly updates on the progress of the POC
  • Delivery of success criteria

The outcomes of the POC are delivered and presented to key stakeholders, concluding with a Q&A session. The final presentation will cover:

  • Executive Summary
  • Deployment Evaluation​​
  • Use Case Validation
  • Success Criteria
  • Microsoft Sentinel Visibility & Results
  • POC Recommendations
Start Your POC Today