Increasing Security Posture Using Microsoft Security Solutions | Energy Saving Trust

Overview

Energy Saving Trust is an independent organisation dedicated to promoting energy efficiency, low carbon transport and sustainable energy use. Energy Saving Trust is a respected and trusted voice on energy efficiency and clean energy solutions, and continues to work towards a smart, decarbonised, decentralised energy system.

The engagements between Energy Saving Trust and Bytes Software Services were based on providing professional services centred around Microsoft Sentinel & Microsoft Defender Application Control (MDAC). The overall objective of the project was to increase security posture and usage of the Microsoft Security ecosystem. As part of the engagements, Microsoft Sentinel was deployed within the environment and configured to provide additional detection and investigative capabilities, whilst MDAC was configured to provide layered preventative controls on endpoint devices to reduce the attack surface.
 

Challenge

Energy Saving Trust has been leveraging various components of the Microsoft Defender XDR stack as part of the Microsoft E5 licensing suite. The overall objective is to increase security posture within the Microsoft ecosystem by both utilising features under existing licensing entitlements and extending detection and response capabilities using solutions such as Microsoft Sentinel.

In terms of the endpoint devices, Energy Saving Trust sought to improve Windows application security due to rising threats from unauthorised software and malware. Existing controls like Microsoft Defender for Endpoint were not sufficient to ensure only trusted apps ran on corporate devices. Traditional allow-listing was hard to scale as the environment modernised.

The engagements provided by Bytes leveraged expertise by way of professional services to support this objective.

“The Sentinel Modern Security Sessions with Bytes were highly professional and well-structured. The consultant, Gennaro Migliaccio, provided clear guidance throughout the planning, activation, and initial configuration phases, ensuring our team understood each step of the Microsoft Sentinel deployment. The sessions included hands-on knowledge transfer, covering analytical rules, automation playbooks, and workbook configuration, which was invaluable for building internal capability. Bytes demonstrated flexibility in scheduling and were responsive to our queries, even offering to record sessions for those unable to attend. The collaborative approach fostered a positive learning environment, and the consultant was proactive in sharing best practices and troubleshooting technical challenges. Overall, the workshop delivered both immediate value and long-term benefits, equipping our team to manage and optimise Sentinel independently. I would recommend Bytes for their expertise, engagement, and commitment to customer success.”

Gordon Miller, Energy Saving Trust

The Bytes Solution

Bytes delivered a comprehensive consultancy program, leveraging Microsoft funding to provide a combination of sessions that planned, configured and implemented Microsoft Sentinel and WDAC. 

Microsoft Sentinel was chosen as the solution to provide bolstered detection and investigative capabilities, along with its integration into Defender XDR for easier management of security incidents that can span outside of Microsoft solutions.

Microsoft Defender Application Control (MDAC) was chosen for its policy-driven control over application execution, strong integration with Microsoft Defender for Endpoint and Intune, and flexible rollout options. These features support Energy Saving Trust’s strategy to increase endpoint resilience with minimal management effort.

Key deliverables included:
•    Initial scoping and project kick off to understand Energy Saving Trust’s requirements and current environment.
•    Provisioning of Microsoft Sentinel and Log Analytics Workspace into a dedicated Azure Subscription.
•    Defender XDR integration, along with the setup of Microsoft Sentinel data lake.
•    Data Connector configuration for Microsoft Cloud Services, including Microsoft 365, Azure Activity and Entra ID.
•    Analytical rule creation and tuning.
•    Workbook implementation for reporting and insights.
•    Automation Rules & Playbooks for automated actions.
•    Knowledge transfer and handover, focusing on key areas, including: SOC/BAU activities, Analytical Rules and Automation.

•    Assessment of the application estate.
•    Setup & configuration of base and supplemental user policies.
•    MDAC deployed in audit mode to gather data and continually improve existing policies.
•    Workshops provided to the Energy Saving Trust team to understand policy design and management.
 

Benefits

The engagements provided by Bytes have improved Energy Saving Trust’s cyber security maturity and posture by providing an implementation of Microsoft Sentinel that can be leveraged to enhance response capabilities to security incidents.

Implementing MDAC gave Energy Saving Trust a much stronger security posture, ensuring only authorised applications run on its systems. Energy Saving Trust now has better visibility into application activity, reduced malware risks, and a consistent security baseline. Automated reporting and Defender for Endpoint integration allow quick threat responses, while simplified management means ongoing security requires less manual effort.

Bytes will continue to work with Energy Saving Trust to further the utilisation of Microsoft Security solutions and leverage further funding programs to continue with the adoption of these technologies.

To find out more about how Bytes can help strengthen your Microsoft Security posture - from Sentinel deployment to MDAC strategy and beyond - get in touch with our team at [email protected]. We’d be happy to talk through your goals and how we can support your organisation.

“It’s been a pleasure working with Akash, who has been very helpful and understood our goals from the outset. While we still have some work to do, the progress we have made would not have been possible without Akash’s dedication and expertise.”

Gavin Johnstone, Energy Saving Trust
