From overwhelm to oversight

Issue 6 2023 Editor's Choice, Information Security, Products & Solutions

Security automation is vital in today’s world, and Microsoft Sentinel is a widely adopted, but complex answer. ContraForce is an easy-to-use add-on that automatically processes, verifies and warns of threats round-the-clock.


Patrick Evans.

In a digital world, cybersecurity is absolutely critical, which is why an increasing number of enterprises are adopting Zero-Trust policies. However, without proper technological assistance, this means that security teams will be forced to individually verify every user, endpoint, and application, adding massively to the amount of work on their plates.

Automation would appear to be the answer, which is why many companies have invested in Sentinel. This is Microsoft’s native security information and event management (SIEM) and security orchestration, automation and response (SOAR) platform, designed to help companies stay ahead of risk.

“The challenge here,” suggests Patrick Evans, CEO of SLVA Cybersecurity, “lies in the fact that despite its robust capabilities, Sentinel is a tool that remains incredibly challenging for end-users to use.”

“Bearing in mind that cybersecurity skills remain at a premium globally, what is really required is a solution that can be used as easily by IT generalists as by experienced cybersecurity professionals. This is why we recommend using ContraForce, a solution designed around this principle and built specifically for the Microsoft environment. Pertinently, it is also an offering that works as well in an organisation of five people or one with 5 000 employees,” he says.

“How ContraForce works,” he explains, “is by leveraging Sentinel to process security data, then using automated security monitoring to verify threats – distilling millions of events into thousands of alerts and then into a handful of incidents. The solution immediately notifies users via email, Teams, or SMS when an alert is verified, thereby providing around-the-clock threat detection and response.”

“The fundamental and critical difference between ContraForce and Sentinel is that the latter requires a security operations engineering team to constantly manage detection engineering, response engineering, and data pipeline management to ensure that data costs being ingested into Sentinel don not get out of control.”

“ContraForce, on the other hand, automates the management of these areas, although access is still provided to an expert team of security engineers – on an on-demand basis – to help modify rules, create custom response actions, and connect any data source required.”

Furthermore, he adds that a ContraForce implementation is seamless, with installation and deployment occurring online within minutes. This is significantly faster than Sentinel and will thus also positively impact the deployment economies of scale in your favour.

“ContraForce works so well,” continues Evans, “because it not only connects to your existing security investments, but also uses artificial intelligence (AI) and machine learning (ML) to immediately adapt to each enterprise’s unique environment. This, in turn, enables it to categorise threats accordingly and respond automatically to incidents as and when then they occur.”

“The solution can also be applied in the Microsoft 365 environment, the full Azure cloud environment, and even across your firewalls and intrusion detection devices, regardless of who provided them. This vendor agnosticism enables IT teams to condense their technology stack into a single dashboard, making existing tools easier to use and allowing them to take action directly from this one screen.”

“In a digital world where the clamour for Zero Trust policies and the demand for around-the-clock threat detection and response is growing, ContraForce makes perfect sense. It is a tool that automates and simplifies much of the cybersecurity process, delivering complete oversight, understanding, and confidence,” he concludes.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Hikvision launches AcuSeek NVR
Surveillance Products & Solutions AI & Data Analytics
By integrating natural language interaction, Hikvision’s AcuSeek NVR enables precise video and image retrieval within seconds, marking a transformative milestone for the security industry's advance into intelligent and efficient applications.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Analyse, automate, and optimise logistics processes
neaMetrics Surveillance Transport (Industry) Products & Solutions Logistics (Industry)
In today’s rapidly evolving logistics sector, the pressure to improve process efficiency, optimise resource usage, and ensure seamless security is more intense than ever. Smart, proactive surveillance is no longer a luxury — it is a critical operational necessity.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Winners of the 2025 Southern Africa OSPAs
Editor's Choice
The winners of the 2025 Southern Africa Outstanding Security Performance Awards (OSPAs) were revealed on Wednesday, 4th June, at Securex South Africa. Winners from all categories (except the Lifetime Achievement) will be featured in the second Global OSPAs set to take place in 2026.

Read more...
Deepfakes and digital trust
Editor's Choice
By securing the video right from the specific camera that captured it, there is no need to prove the chain of custody for the video, you can verify the authenticity at every step.

Read more...
A new generational framework
Editor's Choice Training & Education
Beyond Generation X, and Millennials, Dr Chris Blair discusses the seven decades of technological evolution and the generations they defined, from the 1960’s Mainframe Cohort, to the 2020’s AI Navigators.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Key design considerations for a control room
Leaderware Editor's Choice Surveillance Training & Education
If you are designing or upgrading a control room, or even reviewing or auditing an existing control room, there are a number of design factors that one would need to consider.

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.