Health Check Objectives

What we analyse in Microsoft Sentinel

The CloudGuard Microsoft Sentinel Health Check provides an in-depth evaluation of your Microsoft Sentinel environment, including Entra/Active Directory integration, connector health, analytical rules, and Microsoft Defender settings. We offer detailed reports and expert recommendations to optimise performance and security, ensuring your Sentinel instance operates at its best to protect your business and data.

  • Summarise the connected Entra/Active Directory services and their identified health
  • Identify the Microsoft licenses present and reported in Entra/AD
  • Identify Entra/AD users
  • Identify key User Settings and Conditional Access Policies
  • Identify Group Settings
  • Identify App Registrations
  • Identify External Identities and Federations
  • Identify Configured Identity Providers
  • Review configuration of Sentinel Connectors and associated Health status
  • Review Log Analytics configuration and consumption attributes
  • Review Log Analytics workspaces
  • Review Microsoft Defender connector and settings
  • Review Sentinel Use Cases and Audit performance

Going a step further

Microsoft Defender

If your business relies on Microsoft Defender solutions, our Microsoft Sentinel Health Check also analyses your configuration settings. We give priority to integrated Defender services, ensuring your protection spans all your security domains. Our aim is to pinpoint the crucial settings and alerts that are essential for Microsoft Sentinel to work effectively for you.

Microsoft Entra

You might not realise it, but Microsoft Sentinel’s performance heavily relies on the health of Microsoft Entra (formerly Active Directory). Even though everything might seem smooth on the surface, there could be underlying issues lurking around. Things like conflicting access policies or compromised Multi-Factor Authentication settings could be leaving your users vulnerable. Our Microsoft Sentinel Health Check will seek to uncover any inactive or suboptimal security policies, helping you stick to the best practices and strengthen your overall posture.

Cost optimisation

We also understand the key elements that can drive down Log Analytics costs for you. This includes tailoring custom table ingestion strategies for non-critical log sources, setting up the base retention period for Log Analytics data, devising an effective Log Analytics archive strategy, configuring workspace ingestion, meeting your analytical query and reporting requirements, and ensuring smooth Logic Apps connections and executions.

Get in touch

Let’s discuss a Microsoft Sentinel Health Check for your business

Discover how CloudGuard can help you optimise and improve the effectiveness of your Azure Sentinel instance by completing the contact form.