Do you have any questions?

Talk to us in person.

+43 1 361 80 62

Setup & Management

Setup and configure Workspace

This involves setting up Log Analytics in your tenant and deploying Sentinel into it. If you already have an existing Sentinel Workspace, we will use that one. You will also receive an introduction to the Sentinel interface, and we will connect your Sentinel to the AlpenShield Service.

Implement Microsoft Connectors

We will deploy the following basic Microsoft Connectors to Sentinel:
  • Microsoft Entra ID/Azure Active Directory
  • Defender for Endpoint
  • Defender for Identity
  • Defender for Cloud
  • Defender for Cloud Apps

Deploy and curate Analytic Rules

We will deploy and curate Analytic Rules for all implemented connectors.

Deploy and curate Playbooks

We will deploy and curate Playbooks for all implemented connectors.

Deploy and curate Workbooks

We will deploy and curate Workbooks for all implemented connectors.

Deploy additional Logsources, Analytic Rules etc.

Deploy custom Logsources, Analytic Rules etc.

Enable User and Entity Behavior Analytics (UEBA)

If you wish, we will enable UEBA for your Sentinel instance (some customers prefer not to because of the costs).

Customer can define High Value Assets for context

You can easily define High Value Assets so that this information can be used for context during Incident triage and automation.

Escalation methods

Automation & Enrichment

Enrich incidents

Incident and Entity Whitelisting

Sensitivity Control

You can choose between different levels of sensitivity for the Automation to act upon.

Machine Learning on Customer Data for Incident Triage

AlpenShield uses Azure OpenAI Services for this functionality, which ensures data privacy and compliance. Please see the corresponding Microsoft website (link) for more details.

MITRE ATT&CK Framework integration

Notification & Automatic Incident Resolution

Receive enriched e-mail notification

Receive enriched message in Teams

One-click resolution via Teams

Receive notification via SMS

Receive notification via phone call

Mitigation via phone call

Explain it to me like I am five (ELI5)

Sometimes even cybersecurity experts have a hard time grasping all the information in an incident. With our ELI5 feature, you will receive a summary in plain English even non-experts will understand - and can act upon.

PANIC BUTTON

As part of the service, you will receive a literally red panic button you can press if it all goes south to protect your environment from further damage.

Vulnerability Reporting

Weekly Vulnerability Reports

Receive weekly reporting of high-priority vulnerabilities in your environment, based on Microsoft Defender for Endpoint, directly in your mailbox.

Reporting & Monitoring

Data Connection Health Monitoring

It is critical to see whether the data flows via the connectors are up and running (no data = no incidents). But things can also degrade gradually, for example when the APIs in use change. All of this needs 24/7 monitoring and notification to make sure the environment stays secure.

Incident statistics

Data usage and Top Users statistics

Cost control reporting

AlpenShield PRO

On-Demand Security-Expert

An on-demand Security-Expert will assist and analyze a concrete incident with you.
ESSENTIAL

Get the basics right and make sure Sentinel stays current. For companies who want to start small, explore and maybe extend later.

Basic

Basic

(via Sentinel Workbook)

ENHANCED

A service for companies looking for inclusion of enhanced log sources and flexible escalation, automation and notification capabilities.

Priced per request

Enhanced

Enhanced

(via Sentinel Workbook)

(via Sentinel Workbook)

(via Sentinel Workbook)

(via Sentinel Workbook)

Priced per incident

ENTERPRISE

Includes Vulnerability Reporting and Machine Learning on Customer Data for Incident Triage. Oh, and a red PANIC BUTTON if it all goes downhill.

Certain number of Analytic Rules included per month

Enhanced

Enhanced

(via pro-active Teams notification)

(via Teams)

(via Teams)

(via Teams)

Included for certain number of incidents per month


Any questions? Check out the FAQ!

See for yourself!

Do you want to learn more? We suggest you book a short and comprehensive demo of our Managed Sentinel Services right now. It will be worth your time!
