Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Free Trustwave Workshop: Microsoft Defend Against Threats with SIEM Plus XDR

Microsoft understands the importance of security, and to help its clients keep threat actors at bay, the company often bundles Microsoft Defender and Sentinel security products with its Office and Azure offerings.

The kicker is that in many cases, Microsoft's client is either unaware these security features are included with their purchase or simply don't know how to make the most out of these security tools.

This area is where Trustwave plays a role. As a trusted Microsoft partner, Trustwave has been given the opportunity to implement the Microsoft Managed Security Solutions Provider Partner program. This includes offering free workshops to current Microsoft clients, which will break down, explain, and, if the client desires, even help manage their Sentinel and Defender security products.

The client must meet some technical prerequisites for consideration, and Microsoft must sign off for an organization to participate. The workshops are open to all Trustwave customers and any interested outside party.

Trustwave has designed the workshops to enhance a Microsoft client's understanding of and confidence in Sentinel and Defender.

Just as a quick reminder, Sentinel is a scalable, cloud-native solution that provides Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR). Defender is is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

Workshops Conducted by Security Professionals

Trustwave's Solution Engineering/Security Architect team will deliver the workshops. The entire process can take up to a month to complete and will include using a tenant to Sentinel to gain access to the client's system, but which will not impact its production environment.

The overall goal of the workshop is for:

  • Customers develop confidence in the value of Microsoft 365 E5
  • Identify real security threats in the client's environment using a Microsoft 365 trial
  • Showcase the Microsoft Sentinel and Microsoft 365 Defender experience
  • Providing an overview of Microsoft Security's end-to-end story
  • Use demos to showcase product capabilities

The Trustwave team conducts the workshop virtually. This method helps expedite the process by eliminating the need to set up travel arrangements and it builds in flexibility, allowing the client to set the time.

Who can Attend?

The workshops are open to any current or potential Trustwave customer that is now using or evaluating the possible use of Microsoft security products. These would include Microsoft E3 customers looking at Microsoft security or E5 customers interested in seeing how Microsoft security could help them.

There are some technical requirements that must be met for consideration. An organization must have 800+ Microsoft Defender for Endpoint (MDI) and Microsoft Defender for Office (MD0) and Azure Active Directory Premium Plan 2 paid active users. Additionally, a participant needs 250+ Monthly Active Users (MAU) for Exchange Online, SharePoint Online or Teams.

There is no limit to the number of people who can attend the workshops. Still, a potential attendee should keep in mind that the event is designed for a technical audience and the security team, so those attending should fall into those categories.

There is an approval process, which Trustwave manages, but generally, a client will receive notification of acceptance within two weeks.

The Workshop Process

The workshop begins with a kick-off meeting during which the parties go through the process that will take place and cover what will be required regarding time and resources.

After the kick-off, the two sides will hold weekly meetings. The Trustwave team uses this time to lead the participants through working with the Microsoft security tools, resolving issues the company may have with these products and gathering general information on the client's system.

Trustwave may also conduct a simulated attack from an EDR perspective against the client's environment, which helps demonstrate the proper use of Sentinel and Defender.

Finally, the Trustwave team conducts an actual search for vulnerabilities using the Microsoft products.

The culmination of the workshop is a presentation during which Trustwave shows the output from all the work, which includes screen captures of the data, any vulnerabilities discovered, and a list of other issues that might require further investigation.

The participant's take-away from the workshop is a meeting in which the Trustwave engineers or representative from the company's Consulting and Professional Services team presents all the findings to the participant. 

From start to finish, the workshop experience will take about a month to complete 

Any firm interested in having a Microsoft Managed Security Solutions Provider Partner workshop conducted can contact Lauri Martinez.

Latest Trustwave Blogs

Using Trustwave DbProtect and Offensive Security Solutions to Protect Against Nation-State Cyber Threats

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from...

Read More

Defending the Energy Sector Against Cyber Threats: Insights from Trustwave SpiderLabs

It has always been clear, even before the Colonial Pipeline attack, that the energy sector is a prime target for not only criminal threat groups, but also nation-state actors. After all, halting fuel...

Read More

Trustwave SpiderLabs Unveils the 2024 Public Sector Threat Landscape Report

Trustwave SpiderLabs’ latest report, the 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies details the security issues facing public sector...

Read More