We’re here to help, so to speak with our team and learn more about how JUMPSEC can benefit your organisation, just complete the below form and one of our team will be in touch.
Threat Protection Envisioning Workshop
Why run this
- Evidence from your tenant. Validate threats and exposures with your real signals so priorities stop being theoretical.
- From findings to fixes. Convert discovery into a short, sequenced plan across identity, email, endpoints, servers, and SIEM.
- Accelerate adoption. Use the workshop to de‑risk pilot steps and secure sponsorship for roll‑out.
What you get
- In‑tenant discovery. Scoped access, targeted data collection, and a clear briefing of what matters and why.
- Mandatory coverage. Defender XDR portal and Cloud Identity Protection (Entra ID Protection, Conditional Access) to strengthen your identity perimeter.
- Choose your focus areas. Sentinel (Unified SecOps), Email Protection, Endpoint and Cloud Apps Protection, Server Protection, Identity Protection, or a Security Copilot demo.
- Prioritised plan. Owners, changes, and a realistic 90‑day adoption path.
Who it’s for
- Baseline: 300–5,000 Entra ID Plan 1 PAU and 250+ monthly active users across Exchange, SharePoint, or Teams.
- Teams ready to act. Ideal for organisations that want quick, defensible wins rather than broad audits.
Format
- Delivered over an extended period.
- Kick‑off to enable and configure required Microsoft technologies in your tenant.
- Data capture typically runs in the background for up to a month.
- Consultants analyse findings and validate risk.
- Final briefing and a sequenced adoption plan.
Client time required
- Scoping and access approvals: 2–2.5 hours total across sponsor, IT, Identity
- Stakeholder working time across the 3-day window:
- Exec sponsor/Risk: 1–2 hours (kick-off + briefing)
- SecOps/IT platform: 5–7 hours (interviews, working sessions, daily stand-ups)
- Identity/Email owners: 2–3 hours
- Final briefing and plan: 60–90 minutes (mixed audience)
- Optional change window during the week (technical): 2–4 hours
- Total across roles: 8–12 hours
- Typical per role: Exec 1.5–2.5 hours; Core SecOps/IT 6–9 hours; Other owners 1–3 hours
Questions to consider
Which identity conditions should block by default in your environment?
What telemetry is missing for rapid investigation and containment?
Which high risk use cases should we simulate to validate detections?
What change management steps are needed to move findings into production?
