
Delivering Advanced Cyber Defense with Microsoft XDR: MSSP Capabilities and Architecture
This presentation introduces EY’s Managed Security Services Provider (MSSP) XDR architecture, showcasing how Microsoft’s native security solutions such as Microsoft Sentinel, Defender XDR, and Security Copilot are integrated to deliver centralized, multi-tenant security operations. It highlights the technical and operational design, custom use cases, and service handover strategy, ensuring data sovereignty and scalable threat detection and response.
Learning Objectives:
Understand the architecture and operational model of MSSP XDR services.
Explore Microsoft XDR components and their integration within multi-tenant environments.
Learn how EY customizes detection and response through multiple use cases.
Discover how automation and threat intelligence enhance SOC efficiency.
Gain insights into service handover, onboarding, and customer simulation environments.
Benefits:
Scalability: Managing your security operations in Azure with B2B and GDAP (Granular Delegated Access Privileges).
Security Depth: Integration of Microsoft Defender suite, Sentinel, and Security Copilot.
Customization: Tailored use cases for identity, cloud, OT, SAP, and more.
Automation: Playbooks and automation rules for incident response.
Compliance & Governance: Microsoft Purview, DLP, DSPM for AI, and regulatory mapping.
Operational Excellence: SOC Efficiency Reporting, UEBA, and ServiceNow integration.
Zero Trust Architecture: Reinforce identity protection, conditional access, and PIM.
Speakers

Elena Albu is a Senior Cloud & Cybersecurity Architect with 17+ years of experience in IT, presales, delivery and customer engagement, with a strong drive for advancing technology and extensive exposure to enterprise-grade customer projects. Throughout her professional career, she has supported numerous customers with the design, architecture and implementation of end-to-end Cybersecurity solutions with a strong focus on Cloud. Elena holds a Master’s Degree in Cybersecurity from the Academy of Economic Studies in Bucharest, as well as a condensed MBA via Oracle University. What is more, Elena has earned multiple industry-recognized certifications such as:
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- TOGAF9
- Microsoft Certified Cybersecurity Architect
- Microsoft Certified Azure Solutions Architect

Ovidiu Copăceanu is a Security Architect with a strong focus on security operations, architecture, and consulting, with 8+ years of experience in the field. Over the course of his professional career, he has helped secure 40+ diverse customers by designing security strategies, architectures, and technical implementations. His expertise ranges from conducting security assessments and remediation planning to ensuring security compliance, developing detection use cases and supporting security operations with automation and threat-informed strategies. His passion for technology and cybersecurity has guided his professional journey, leading him to earn multiple certifications, including:
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- Certified in Cybersecurity
- Microsoft Certified: Azure Administrator Associate, Azure Solutions Architect Expert, Azure Security Engineer Associate
- Cybersecurity Architect Expert
- Security Operations Analyst Associate
- Microsoft 365 Certified: Endpoint Administrator Associate, Administrator Expert
- CrowdStrike Certified: Cloud Specialist, Falcon Administrator
- CyberArk Certified: Defender PAM, Sentry PAM

Ionuț Ianoșel is a Cybersecurity engineer with a robust background in technology, with over 5 years of dedicated experience working with leading cybersecurity products across Azure Cloud. His work spans strategy, architecture, and implementation, translating business risk into practical security controls, building measurable roadmaps and operationalizing capabilities for long-term success. Driven by a deep interest in Cybersecurity, Ionuț holds various certifications such as:
- SC-900 – Microsoft Security, Compliance, and Identity Fundamentals
- SC-200 – Microsoft Security Operations Analyst Microsoft Security, Compliance & Identity Hackathon
- SC-100 – Cybersecurity Architect Expert
- MS-102 – Microsoft 365 Administrator
- SC-401 – Microsoft Information Protection Administrator
Moderators

