Building a Security Operation Center (SOC) with Microsoft Defender XDR
Objectives
Challenges
Technical setup of a SOC that can be offered as a service.
Development of contractual principles, service agreement and documentation of the service.
Results
achieved
Connection of customer M365 tenants to central ODCUS tenants.
Monitor customer M365 tenants 24/7.
Log data collection using Microsoft Sentinel.
Implementation of KQL detection rules based on the MITR3 framework.
RBAC authorization concept for employees of the service provider.
Development of incident response measures and processes
Categories
Cybersecurity, Microsoft Defender, Sentinel
Date
6 months, 2025
Client
ODCUS AG
Building a Security Operation Center (SOC) with Microsoft Defender XDR
Objectives
Challenges
Technical setup of a SOC that can be offered as a service.
Development of contractual principles, service agreement and documentation of the service.
Results
achieved
Connection of customer M365 tenants to central ODCUS tenants.
Monitor customer M365 tenants 24/7.
Log data collection using Microsoft Sentinel.
Implementation of KQL detection rules based on the MITR3 framework.
RBAC authorization concept for employees of the service provider.
Development of incident response measures and processes
Categories
Cybersecurity, Microsoft Defender, Sentinel
Date
6 months, 2025
Client
ODCUS AG
Building a Security Operation Center (SOC) with Microsoft Defender XDR
Objectives
Challenges
Technical setup of a SOC that can be offered as a service.
Development of contractual principles, service agreement and documentation of the service.
Results
achieved
Connection of customer M365 tenants to central ODCUS tenants.
Monitor customer M365 tenants 24/7.
Log data collection using Microsoft Sentinel.
Implementation of KQL detection rules based on the MITR3 framework.
RBAC authorization concept for employees of the service provider.
Development of incident response measures and processes
Categories
Cybersecurity, Microsoft Defender, Sentinel
Date
6 months, 2025
Client
ODCUS AG