Trustwave SpiderLabs Uncovers Critical Cybersecurity Vulnerabilities Exposing Manufacturers to Costly Attacks. Learn More

Trustwave SpiderLabs Uncovers Critical Cybersecurity Vulnerabilities Exposing Manufacturers to Costly Attacks. Learn More

Services
Capture
Managed Detection & Response

Eradicate cyberthreats with world-class intel and expertise

twi-cloud-lock-color-svg
Managed Security Services

Expand your team’s capabilities and strengthen your security posture

twi-briefcase-color-svg
Consulting & Professional Services

Tap into our global team of tenured cybersecurity specialists

twi-dashboard-color-svg
Penetration Testing

Subscription- or project-based testing, delivered by global experts

twi-database-color-svg
Database Security

Get ahead of database risk, protect data and exceed compliance requirements

twi-email-color-svg
Email Security & Management

Catch email threats others miss with layered security & maximum control

twi-managed-portal-color
Co-Managed SOC (SIEM)

Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce cyber risk

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
The Trustwave Approach
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Platform
SpiderLabs Fusion Center
Security Operations Centers
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Free Trustwave Workshop: Microsoft Defend Against Threats with SIEM Plus XDR

Microsoft understands the importance of security, and to help its clients keep threat actors at bay, the company often bundles Microsoft Defender and Sentinel security products with its Office and Azure offerings.

The kicker is that in many cases, Microsoft's client is either unaware these security features are included with their purchase or simply don't know how to make the most out of these security tools.

This area is where Trustwave plays a role. As a trusted Microsoft partner, Trustwave has been given the opportunity to implement the Microsoft Managed Security Solutions Provider Partner program. This includes offering free workshops to current Microsoft clients, which will break down, explain, and, if the client desires, even help manage their Sentinel and Defender security products.

The client must meet some technical prerequisites for consideration, and Microsoft must sign off for an organization to participate. The workshops are open to all Trustwave customers and any interested outside party.

Trustwave has designed the workshops to enhance a Microsoft client's understanding of and confidence in Sentinel and Defender.

Just as a quick reminder, Sentinel is a scalable, cloud-native solution that provides Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR). Defender is is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

Workshops Conducted by Security Professionals

Trustwave's Solution Engineering/Security Architect team will deliver the workshops. The entire process can take up to a month to complete and will include using a tenant to Sentinel to gain access to the client's system, but which will not impact its production environment.

The overall goal of the workshop is for:

  • Customers develop confidence in the value of Microsoft 365 E5
  • Identify real security threats in the client's environment using a Microsoft 365 trial
  • Showcase the Microsoft Sentinel and Microsoft 365 Defender experience
  • Providing an overview of Microsoft Security's end-to-end story
  • Use demos to showcase product capabilities

The Trustwave team conducts the workshop virtually. This method helps expedite the process by eliminating the need to set up travel arrangements and it builds in flexibility, allowing the client to set the time.

Who can Attend?

The workshops are open to any current or potential Trustwave customer that is now using or evaluating the possible use of Microsoft security products. These would include Microsoft E3 customers looking at Microsoft security or E5 customers interested in seeing how Microsoft security could help them.

There are some technical requirements that must be met for consideration. An organization must have 800+ Microsoft Defender for Endpoint (MDI) and Microsoft Defender for Office (MD0) and Azure Active Directory Premium Plan 2 paid active users. Additionally, a participant needs 250+ Monthly Active Users (MAU) for Exchange Online, SharePoint Online or Teams.

There is no limit to the number of people who can attend the workshops. Still, a potential attendee should keep in mind that the event is designed for a technical audience and the security team, so those attending should fall into those categories.

There is an approval process, which Trustwave manages, but generally, a client will receive notification of acceptance within two weeks.

The Workshop Process

The workshop begins with a kick-off meeting during which the parties go through the process that will take place and cover what will be required regarding time and resources.

After the kick-off, the two sides will hold weekly meetings. The Trustwave team uses this time to lead the participants through working with the Microsoft security tools, resolving issues the company may have with these products and gathering general information on the client's system.

Trustwave may also conduct a simulated attack from an EDR perspective against the client's environment, which helps demonstrate the proper use of Sentinel and Defender.

Finally, the Trustwave team conducts an actual search for vulnerabilities using the Microsoft products.

The culmination of the workshop is a presentation during which Trustwave shows the output from all the work, which includes screen captures of the data, any vulnerabilities discovered, and a list of other issues that might require further investigation.

The participant's take-away from the workshop is a meeting in which the Trustwave engineers or representative from the company's Consulting and Professional Services team presents all the findings to the participant. 

From start to finish, the workshop experience will take about a month to complete 

Any firm interested in having a Microsoft Managed Security Solutions Provider Partner workshop conducted can contact Lauri Martinez.

Latest Trustwave Blogs

Unlock the Power of Your SIEM with Co-Managed SOC

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools,...

Read More

Trustwave SpiderLabs: LockBit 3.0 Ransomware Most Common Malware Used to Attack the Manufacturing Sector

As the manufacturing sector continues its digital transformation, Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) are becoming...

Read More

Trustwave’s Observations on the Recent Cyberattack on Aliquippa Water Treatment Plant

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity &...

Read More