Feature Announcement, Microsoft Sentinel, MXDR

Introducing CloudGuard’s New MXDR Platform

Table of Contents

CloudGuard’s MXDR platform is getting ready for Christmas early with its newly updated customer dashboard, offering more detailed insights into your organisation’s cybersecurity operations. I’m Liam, CloudGuard’s Platform Leader, and I’m going to walk you through some of the key changes to our MXDR platform.

Clearer overview

We’ve overhauled the MXDR platform’s dashboard overview – giving a clearer indication of security across your environment. Tables now have useful axis data to make it easier to track your performance. We’ve also streamlined the colour scheme to make alert severity easier to identify.

animated gif showing old and new mxdr platform dashboard

More powerful metrics

To make everything more accessible at a glance, we’ve changed some of the key metric tables regarding your environment.

  • Alert Closure Reason has been removed, and replaced with Severity of Open Tickets – that’s definitely important to know
  • Top 3 Metrics: Shows you the Total Amount of Alerts, and the breakdown of open alerts from Sentinel and M365
  • Bottom 3 Metrics: Now shows the impact automation has on your environment, and the amount of devices monitored within Defender for Endpoint

old vs new key metrics overview in mxdr platform

More detailed drilldowns

We understand you want to know about incidents in your environment, so we’ve enriched the drilldown data that’s available for all alerts. This should give you a much clearer picture of what’s happening.  Adding data filtering and search capabilities is our next goal.

old vs new data drilldown in the mxdr platform

New MXDR platform metric: Automation Impact

A powerful new metric to give you an insight into the Guardian App, the impact automation is having on your environment, and your security operations as a whole. See the amount of time we’ve saved with automated threat intelligence, triaging, and resolution. You can also see the total number of tickets we’ve been able to influence with automation.

automation impact in the mxdr platform

Monitored assets

It’s now easier than ever to see the assets being monitored in your environment – with helpful metrics to guide you on your risk and security.

example of monitored assets in the MXDR platform

Tickets needing your attention

We’ve streamlined the process that enables you to see the tickets that need your attention. Simply click in the dashboard as below and it’ll take you to the ticketing system.

gif showing how customers access their ticket queue in mxdr platform

Data consumption

Data consumption is very a important metric when it comes to cybersecurity as it can directly impact your security costs. We’ve updated the visuals and data within the dashboard to make it much clearer to see what drives consumption in your environment.

data consumption in the mxdr platform

Data connector drilldown

Each data connector from your environment into Microsoft Sentinel now has a detailed drilldown of data, so you can see what’s happening across multiple vectors. See the number of events and various logs, as well as other helpful metrics. Some data in the below example has been obscured for security.

example of the connector data drilldown in the mxdr platform

Health status for connectors

The health of your connectors is paramount when it comes to your security. We’ve made it easy to see with a scroll of a mouse, as you’ll see in the video below. It will give you more information on hover should there by anything to be concerned about.

example of checking connector health in mxdr platform

Custom time range filter

Want to review your security data over a certain time period? That’s now possible with our custom time range filter. Simply click and select the time period you want, and we’ll show you the data. Please note that the availability of historical data is dependent on your log data retention rules within Microsoft Sentinel.

showing how custom filters work in the mxdr platform

Link to SharePoint

Want to view all your customer documents related to our MXDR service? You can now click within the dashboard to be taken to your private SharePoint environment.

how to access customer sharepoint in mxdr platform

That’s all, folks

And that’s it for now on the new features in our MXDR platform customer dashboard. Our engineers are already working on the next phase of enhancements, and I look forward to sharing the updates with you in the future. Do you have any feature requests or questions? Email me on [email protected].

Author: Liam Houlihan
Share:
Author: Liam Houlihan
Share:

Related Resources

Microsoft Defender for Cloud
Microsoft Defender for Cloud Cloud environments change fast. New workloads, new services and new risks appear daily, often without full visibility or clear ownership. Microsoft Defender for Cloud provides continuous assessment across Azure, hybrid and multi-cloud environments to help organisations understand and reduce cloud security risk. CloudGuard ensures your cloud...
an illustation showing a team of cybersecurity analysts finding the holy grail
SIEM Cybersecurity: Why Your Security Team Deserves Better
It’s a sad truth that today’s Security Operations Centres often face uphill battles. Threat volumes continue to rise with teams now handling an average of 4,484 alerts each day. This level of noise fuels alert fatigue and undermines even the most capable analysts’ effectiveness. Traditional SIEM cybersecurity tools promised greater...
Preventing malvertising attacks with CloudGuard Managed XDR [real-world examples]
You’re at work, rushing to edit a PDF. You Google “PDF editor”, click the first link, and download what looks like the perfect tool. But what if that simple search just opened the door to a cyberattack? That’s exactly what happened here. A user thought they were downloading a harmless...
Four security analysts working on their computers in an office.
CloudGuard Launches Manchester Security Operations Centre to Enhance Cybersecurity for SMEs
Manchester, UK – 27th June 2024 – CloudGuard, a leading Microsoft security automation specialist and Managed Security Services Provider, is thrilled to announce the launch of its Security Operations Centre (SOC) in Manchester.   This strategic move aims to meet growing customer demand, providing 24x7x365 security expertise to both UK and...
microsoft sentinel health check
Microsoft Sentinel: What Being a 2024 Gartner® Magic Quadrant™ Leader Means
Have you heard the news? Microsoft Sentinel has been named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM). This recognition not only highlights Sentinel’s powerful capabilities but also proves its importance to security operations around the globe. Here, we’ll discuss the significance of...
managed soc
Managed SOC vs Managed XDR: Find the Better Solution
Whether you’ve already outsourced your businesses cybersecurity operations or are taking your first steps in finding a provider, you face a crucial decision: which security solution is best? You’ve probably found so many different services and acronyms that it’s starting to feel like an impossible task. That’s why we’ve decided...
How to Control Microsoft Sentinel Costs Without Compromising Security
Understanding Microsoft Sentinel costs can be a daunting challenge, and the first hurdle often lies in understanding how to deploy Sentinel properly. A common issue is that users may accidentally end up incurring unnecessary costs when rushing to deploy it. As a leader in the 2024 Gartner® Magic Quadrant™ for...
5 Key Questions for Cybersecurity Vendor Selection [Your Cheat Sheet]
As part of CloudGuard’s yearly review, our Customer Success leaders ran a survey across UK and Ireland based businesses to understand the challenges that IT leaders experienced when assessing the market for cybersecurity vendor selection. The businesses had a wide variety of cyber solutions, experiences and security maturities. The purpose...
Amazon Filters Achieves 98% Security Automation with CloudGuard MXDR
Press Release Manchester, UK, 09 April 2024 – In the face of escalating cyber threats within the manufacturing sector, Amazon Filters, a prominent UK-based manufacturer of bespoke filtration technology, has strengthened its cybersecurity posture through a strategic partnership with CloudGuard’s Protect Plus MXDR service. Amidst growing concerns over the effectiveness...
Get In Touch

Our Cybersecurity Services Can Instantly Improve Your Business’ Security Posture

Complete the form to find out more about any of our one-off or managed cybersecurity services. Not seeing what you’re looking for? Our cybersecurity consultants and MXDR experts are always on-hand to provide the guidance and support you need.