Featured insights

2024 Global Digital Trust Insights Survey

C-Suite insights

Board governance issues

Case studies

ESG

PwC Executive Pulse

Podcasts

Tech Effect

Webcasts

All Research and insights

Featured

The New Equation

Executive leadership hub - What’s important to the C-suite?

Capabilities

Audit and assurance

Alliances and ecosystems

Board governance issues

Business Model Reinvention

Cloud and digital

Consulting

Cybersecurity, Risk and Regulatory

Deals

Digital assets and crypto

Digital assurance and transparency

Financial statement audit

Generative AI

Managed Services

Metaverse

PwC Private

Sustainability and ESG

Tax services

Transformation

Viewpoint

All capabilities

Industries

Consumer markets

Energy, utilities and resources

Financial services

Health industries

Industrial products

Technology, media and telecommunications

All industries

Technology

Alliances and ecosystems

Cloud and digital

Delivery platforms

Emerging technology

Products

Tech-enabled services

Tech Effect

About us

Alumni

Analyst relations

Investing in our people

Newsroom

Offices

Our leadership

Purpose and values

The New Equation

Featured

The New Equation

Tech Effect

Careers

Why PwC

Entry Level Careers

Experienced Careers

University Relations

Featured

Shared success benefits

Loading Results

No Match Found

Threat detection: Unleashing the power of automated threat monitoring

Summary

Microsoft Sentinel integrates on-premise and cloud workloads into its monitoring, detection and response workflows.
Artificial intelligence (AI) and machine learning (ML) technologies can identify anomalies in log activities that signal a security incident in progress.
PwC’s Rapid Release can help design, build and operate a full-stack platform for threat detection and response.

After a merger or acquisition, your organization could end up with more baggage than you bargained for — numerous data centers, overlapping security tools or inconsistent threat-detection capabilities — which could complicate or overwhelm your existing security incident and event management (SIEM) systems. Deploying a SIEM system can be time-consuming and complex, especially when you have a variety of disparate data sources. It requires in-depth knowledge of technology infrastructures, data flows and business processes.

To help make SIEM deployment less complex and time-consuming, Microsoft Sentinel is the first cloud-native SIEM offered from a major cloud provider. It allows you to rapidly integrate both on-premise and cloud workloads into their overall monitoring, detection and response workflows. Sentinel integrates into Microsoft 365 Defender to provide a full extended detection and response capability.

According to 2023 Global Digital Trust Insights, more than half (51%) of survey respondents plan to add cyber staff in 2022, and more than one-fifth (22%) will increase their staffing by 5% or more. These transformations will require companies to train new employees on their SIEM systems — a task made easier with Microsoft’s web-based interface.

Strengthening policies for a large financial company

Microsoft Sentinel helped a large North American bank after a merger left it with an outdated on-premise SIEM system. The company’s system was being inundated with security alerts that it couldn’t reliably process. It was unable to automatically ingest data and analyze large amounts of security event information, or use advanced technologies to detect patterns and anomalies that can signal suspicious activities.

Integrating logs from both cloud and on-premise data sources is complicated, and this organization didn’t have the time required to get a new SIEM fully operational — a process that typically takes months or even years to complete. Microsoft Sentinel was able to help streamline implementations with standard connectors and application program interfaces (APIs) for fast onboarding of logs from Azure and Microsoft 365.

With custom libraries that provide alerts, analytics and workflows for threat detection and response activities, the organization was able to customize and expand SIEM to strengthen access policies, analyze network activity, secure mobile devices and predict future threats. Going forward, they can continue building out Microsoft Sentinel with additional security tools, further empowering the organization to manage enterprise-wide alerts from a single console.

For speedier deployment, PwC developed two services that can be rolled out in six to eight weeks: Rapid Release to help design, build and operate a full-stack platform for threat detection and response, and Rapid Replace to help replace a legacy SIEM with an updated alternative. With Microsoft Sentinel’s built-in artificial intelligence (AI) and machine learning (ML) technologies, you can identify patterns and anomalies in log activities that signal a security incident in progress.

PwC’s Rapid Release and Rapid Replace, which encompass Microsoft Sentinel and M365 Defender XDR, can also automate routine security tasks such as procedural workflows, alert responses and data collection. Using AI to analyze large volumes of data across your enterprise, Microsoft Sentinel helps make threat detection both smarter and faster — allowing you to focus on finding threats quickly.

Solve your business’s most important problems with confidence by ensuring your SIEM expands as threats to your data evolve.

Be cyber-ready for tomorrow

See how PwC and Microsoft can help strengthen threat-detection capabilities.

Learn more

Scott Gelber

Principal, Cybersecurity, Privacy & Forensics, PwC US

Chris O'Connor

Managing Director, Cyber Managed Services, PwC US

Douglas Li

Director, Cybersecurity, Privacy & Forensics, PwC US

Next and previous component will go here

Our insights. Your choices.

Subscribe here

Trust solutions Consulting Tax services Newsroom Alumni US offices Contact us

© 2017 - 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.