From overwhelm to oversight

Issue 6 2023 Editor's Choice, Information Security, Products & Solutions

Security automation is vital in today’s world, and Microsoft Sentinel is a widely adopted, but complex answer. ContraForce is an easy-to-use add-on that automatically processes, verifies and warns of threats round-the-clock.

Patrick Evans.

In a digital world, cybersecurity is absolutely critical, which is why an increasing number of enterprises are adopting Zero-Trust policies. However, without proper technological assistance, this means that security teams will be forced to individually verify every user, endpoint, and application, adding massively to the amount of work on their plates.

Automation would appear to be the answer, which is why many companies have invested in Sentinel. This is Microsoft’s native security information and event management (SIEM) and security orchestration, automation and response (SOAR) platform, designed to help companies stay ahead of risk.

“The challenge here,” suggests Patrick Evans, CEO of SLVA Cybersecurity, “lies in the fact that despite its robust capabilities, Sentinel is a tool that remains incredibly challenging for end-users to use.”

“Bearing in mind that cybersecurity skills remain at a premium globally, what is really required is a solution that can be used as easily by IT generalists as by experienced cybersecurity professionals. This is why we recommend using ContraForce, a solution designed around this principle and built specifically for the Microsoft environment. Pertinently, it is also an offering that works as well in an organisation of five people or one with 5 000 employees,” he says.

“How ContraForce works,” he explains, “is by leveraging Sentinel to process security data, then using automated security monitoring to verify threats – distilling millions of events into thousands of alerts and then into a handful of incidents. The solution immediately notifies users via email, Teams, or SMS when an alert is verified, thereby providing around-the-clock threat detection and response.”

“The fundamental and critical difference between ContraForce and Sentinel is that the latter requires a security operations engineering team to constantly manage detection engineering, response engineering, and data pipeline management to ensure that data costs being ingested into Sentinel don not get out of control.”

“ContraForce, on the other hand, automates the management of these areas, although access is still provided to an expert team of security engineers – on an on-demand basis – to help modify rules, create custom response actions, and connect any data source required.”

Furthermore, he adds that a ContraForce implementation is seamless, with installation and deployment occurring online within minutes. This is significantly faster than Sentinel and will thus also positively impact the deployment economies of scale in your favour.

“ContraForce works so well,” continues Evans, “because it not only connects to your existing security investments, but also uses artificial intelligence (AI) and machine learning (ML) to immediately adapt to each enterprise’s unique environment. This, in turn, enables it to categorise threats accordingly and respond automatically to incidents as and when then they occur.”

“The solution can also be applied in the Microsoft 365 environment, the full Azure cloud environment, and even across your firewalls and intrusion detection devices, regardless of who provided them. This vendor agnosticism enables IT teams to condense their technology stack into a single dashboard, making existing tools easier to use and allowing them to take action directly from this one screen.”

“In a digital world where the clamour for Zero Trust policies and the demand for around-the-clock threat detection and response is growing, ContraForce makes perfect sense. It is a tool that automates and simplifies much of the cybersecurity process, delivering complete oversight, understanding, and confidence,” he concludes.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

AI camera for all-around AI solutions
Surveillance Products & Solutions
VIVOTEK has expanded its AI security business with the AI entry-tier 9383-Series network camera, a cost-effective solution that allows users to easily recognise attributes of people and cars, thereby enhancing operation and management efficiencies.

The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

AI-enabled tools reducing time to value and enhancing application security
Editor's Choice
Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

Perspectives on personal care monitoring and smart surveillance
Leaderware Editor's Choice Surveillance Smart Home Automation IoT & Automation
Dr Craig Donald believes smart surveillance offers a range of options for monitoring loved ones, but making the right choice is not always as simple as selecting the latest technology.

AI enables security solutions to define business strategies
Regal Distributors SA Editor's Choice
While allowing technologies to do exactly what they should do with even more efficiency and precision, AI is also empowering these same technologies to break through their traditional boundaries and create an ecosystem where one interface delivers outcomes across highly segmented verticals.

Putting cyber into surveillance
Dallmeier Electronic Southern Africa Cathexis Technologies Technews Publishing Editor's Choice
Cybersecurity has become an essential part of the physical security industry. However, unlike other IoT technologies, of which security products are a part, surveillance technologies have more to protect.

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.