M-XDR delivers a fully managed Microsoft Defender (Microsoft XDR) ecosystem. It includes all the benefits of our Managed Detection and Response (MDR) service, providing 24/7 protection, detection and response for cyber threats.
And Managed XDR goes much further than MDR: it focuses on continuous optimisation of your security controls and protections to ensure attacks are blocked earlier, attacker dwell time is reduced, and your security teams are freed up to focus on more important tasks.
Managed XDR combines the strengths of Microsoft 365 Defender and Microsoft Defender for Cloud to provide coverage across your entire IT estate – endpoints, data, email, multi-cloud (including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure), identity and more. It provides total visibility across your organisation, allowing you to safely and effectively secure what matters most.
Attacks will happen; resilience is key. M-XDR keeps pace with the latest threats and enables your business to thrive, even when under attack.
Quorum Cyber’s service is aligned to Gartner’s view of Managed XDR and is focused on truly extending Detection and Response services by fully managing and configuring the security toolset – protections are always optimised and detections are always tuned. This increases your security posture across the whole estate and enhances the MDR service by enabling it to focus on any incidents that bypass your boundaries.
What is Microsoft Sentinel and how does it work?
Microsoft Sentinel is a cloud-native SIEM platform that gives you an overview of your entire estate’s cyber security posture, allowing users to find and respond to active threats before they cause significant harm.
Will Microsoft Sentinel integrate with my company's existing tools?
Yes, Microsoft Sentinel will fully integrate with your company’s existing toolset, allowing users to connect to, and collect data from, all your company’s sources including users, servers, applications and any devices running on-premises or in the cloud. Microsoft Sentinel integrates with existing business applications, other security products and even custom-built tools.
What are the benefits of a cloud-based SIEM vs on-premises SIEM?
The largest benefit of having a cloud-based SIEM is cost. An on-premises solution is, generally, a very costly endeavour, and this factor is often underestimated when it comes to setting a budget. Aside from the large up-front costs of setting up the on-premises SIEM, there are ongoing costs with regard to updates and maintenance, additional hardware, servers and storage, as well as the SIEM team members’ salaries.
That said, some organisations do still prefer some of the benefits afforded by an on-premises SIEM in comparison to its cloud-based counterpart. The main factor here is security. As the SIEM is an on-site solution, all sensitive company data is completely held on-site and there is nothing sensitive stored in the cloud. This type of solution also gives the organisation complete control over all aspects of the SIEM – it is important to note, however, that this is only really a viable option where there are employees in place with the necessary skills, knowledge and expertise to manage such a complex solution. A cloud-based SIEM comes with a dedicated team of industry professionals who already possess the required levels of knowledge and expertise.
We use Office 365 as our company email. Can I monitor this with Microsoft Sentinel?
Yes, the Office 365 activity log connector provides insight into ongoing Office 365 user activities. By configuring the Office 365 connector in Microsoft Sentinel, you will get details of operations such as file downloads and access requests sent, along with details of the user who performed each action.
An administrator account in Office 365 is required to enable this connector.