UKI local authority strengthens cybersecurity and creates efficiencies with Logicalis and Microsoft Defender XDR


Global, Apr 19, 2024

The customer

Since 2012, Logicalis has been working with a local authority, helping them secure their operations and support their 700+ users. Our goal has been to increase agility and simplify, modernise, secure, and innovate their operations using the latest Microsoft technologies – delivering peace of mind and supporting growth.

The objective

Security threats have been building over the last decade and have risen exponentially. The customer wanted to move beyond reactivity and embed cybersecurity into the fabric of their operations, strengthening their security posture by expanding their SIEM infrastructure for more comprehensive security telemetry.

The solution

Building on the successful Logicalis Sentinel managed service, we worked with the customer to identify Defender for Endpoint as the next step in the evolution of their SIEM and Endpoint Detection and Response (EDR) ecosystem.

Beginning by implementing Defender for Endpoint, we shifted away from their current EDR provider and freed up licensing costs. Through Logicalis’ expertise, the customer gained a deeper understanding of the holistic XDR solution presented; rather than focusing on endpoints, we integrated more of the customer’s security infrastructure. Working closely with the customer and Security Operations Centre, we created an infrastructure overview to connect the dots of XDR. This collaborative approach enabled active responses to live events and attacks with full 360° visibility of incidents. We added further value by troubleshooting, triaging, and accurately identifying the root cause through the extra data points available.

The business benefits

By integrating multiple elements of XDR, Logicalis identified attacks early in the Kill Chain. In one case, users were susceptible to a 'harmless' click campaign posing as a well-known local distiller. Logicalis worked quickly and effectively with the customer to take remedial action. By leveraging Microsoft XDR components, we prevented their estate from being compromised, mitigating major risk to the business.

The customer now has a fully managed cybersecurity solution designed to protect their entire operations from internal and external cyber threats, operating 24/7 with cyber threat hunting, detection, response, and remediation capability.

“We have previously worked with Logicalis on our MS Sentinel SIEM Solution, so they had a good understanding of our needs, which their MS Defender XDR proposal fully met.

The migration process was handled professionally with minimal disruption and appropriate support for our internal IS team, helping us understand the new system and tweak it to our needs. Logicalis’ Defender XDR will assist us in disrupting advanced cyberattacks and enable rapid response. Along with our MS Sentinel SIEM, this Defender XDR solution has unified our security operations.  

It’s been great working with Logicalis and successfully onboarding the MS Defender XDR solution within our IS infrastructure. I would highly recommend Logicalis to anyone looking to enhance their IT security posture.” - IS Project Lead


