Onboarding
For our enterprise customers, ThreatDefence provides a guided onboarding process designed to ensure a smooth transition into our platform and SOC services. This process is supported by our technical specialists and SOC analysts, and is structured into three key stages:
1. Discovery Meeting
Conducted with customer stakeholders (technical, operational, and business).
Establishes the scope of services, key priorities, and success criteria.
Defines log sources, endpoint coverage, and any compliance or reporting requirements.
Confirms escalation contacts, governance expectations, and reporting cadence.
Deployment of ThreatDefence endpoint agents, sensors, and integrations.
Configuration of cloud and SaaS log sources (e.g., Microsoft 365, AWS, Azure, GCP).
Setup of delegated access (e.g., Azure Lighthouse for Sentinel environments).
Validation of data ingestion, alert pipelines, and security telemetry.
SOC assumes 24x7 monitoring and triage responsibilities.
Joint simulation exercises to validate incident declaration and escalation workflows.
Customers are introduced to reporting dashboards, scorecards, and governance reviews.
Regular touchpoints with the SOC team to review findings and provide feedback.
Tuning of detection rules, dashboards, and automations.
Transition to steady-state operations, backed by SLAs and the Operations Manual.
By the end of the guided onboarding process, customers are fully integrated into the ThreatDefence ecosystem, with:
Secure telemetry ingestion and validated monitoring coverage
Clear escalation paths and incident management workflows
Regular reporting and governance established
A baseline for ongoing improvements in detection, response, and security posture
For more details or to schedule your onboarding sessions, please contact your ThreatDefence account manager.