
Delivering Advanced Cyber Defense with Microsoft XDR: MSSP Capabilities and Architecture
This presentation introduces EY’s Managed Security Services Provider (MSSP) XDR architecture, showcasing how Microsoft’s native security solutions, such as Microsoft Sentinel, Defender XDR, and Security Copilot, are integrated to deliver centralized, multi-tenant security operations. It highlights the technical and operational design, custom use cases, and service handover strategy, ensuring data sovereignty and scalable threat detection and response.
Learning Objectives:
Understand the architecture and operational model of MSSP XDR services.
Explore Microsoft XDR components and their integration within multi-tenant environments.
Learn how EY customizes detection and response through multiple use cases.
Discover how automation and threat intelligence enhance SOC efficiency.
Gain insights into service handover, onboarding, and customer simulation environments.
Benefits:
Scalability: Managing your security operations in Azure with B2B and GDAP (Granular Delegated Access Privileges).
Security Depth: Integration of Microsoft Defender suite, Sentinel, and Security Copilot.
Customization: Tailored use cases for identity, cloud, OT, SAP, and more.
Automation: Playbooks and automation rules for incident response.
Compliance & Governance: Microsoft Purview, DLP, DSPM for AI, and regulatory mapping.
Operational Excellence: SOC Efficiency Reporting, UEBA, and ServiceNow integration.
Zero Trust Architecture: Reinforce identity protection, conditional access, and PIM.

