Up-to-date Microsoft Sentinel and Defender

Health check

Keep Microsoft Sentinel up-to-date and configured to changes in your SIEM environment.

Health check - automatic recommendations

Automatic recommendations

Seculyze continuously monitors your system and provides alert rule and log sources recommendations based on assesment of their value.

Health check - log source cost

Log source cost

Get an easy overview of the cost consequences of enabling and disabling log sources. We supply your estimated costs per log source – and also recommendations on setup.

Health check - best practice setup

Best practice setup

Receive best practice configuration recommendations to ensure value from SIEM because you, your environment and the SIEM changes constantly.

Automatically keep your SIEM up-to-date

Get ahead of a fast changing threat landscape with an up-to-date SIEM

The cybersecurity landscape is constantly evolving. Attackers consistently change their methods. Advancements in cybersecurity technologies means that the IT environment is rapidly changing. Your Microsoft Sentinel environment needs to be consistently configured and reconfigured to keep up with the dynamic environment.

Alert rules are assessed for the value they provide. High value alert rules should be enabled and vice versa for low value alert. Alert rules are both Microsoft and Seculyze custom rules to improve coverage while getting value out of your SIEM

Log sources or data types are assessed for the value, your estimated costs and coverage they provide. High value log sources should be used and vice versa for low value

These recommendations are best practice setup. When Microsoft Sentinel and Defender evolve, we ensure that you are kept up to date. It for example includes changing tier level to optimize your costs

No more “fire and forget” SIEM implementations

Stop your SIEM from decaying

Seculyze keeps an eye on the entire Microsoft Sentinel and Defender implementations. With the software, you can move from the “fire and forget” projects, that provide some coverage, to a fully functioning, streamlined SIEM system

What we monitor
Your health score

Get your health check score and improve

Ensure that the right alert rules are automatically enabled, and the wrong ones disabled. Attach the correct logs. And ensure correct and efficient configuration. We keep an eye on outdated alert rule templates.

All this provides input to your individual health check score. To get a better score than your peers, follow the simple, actionable recommendations.

About scoring
Scoring and improve SIEM health

Health Check Basics

The basis of the health check score is rating of all alert rules, all log sources, and all best practices. Get your own score. Match this to the minium recommended level and to your peers

200 point

is the very best coverage

400+

rated items is the basis

55

could be your peer score

Screenshots of the software

Health check - control by sub-menu

Control by sub-menu

Change, alter and follow best practice setup in the three areas that comprise the health check score: Alert rules, log sources and configurations.

Health check - one-click best practice

One-click best practice

Easily follow best practice setup by one-click recommendations. Or follow the individual recommendations and actions in the lists.

Health check - score and peer score

Score and peer score

See your own score and your peer score, so you know how much to improve and which level your peers are at