Co-sourced SOC pilot to fixed SOC

We ran a co-sourced SOC pilot at Nazareth College using Microsoft Defender and Sentinel. The pilot improved detections and mapped a clear path to a managed SOC.

Client

Nazareth College

Timeline

SOC pilot: 3 months. Roadmap delivered.

Key Tooling

Defender for Endpoint | Sentinel | Runbooks | Jira

Outcome

Clear evidence of better detection, plus a business case for ongoing SOC services.

Challenge

  • Nazareth needed stronger detection and a practical way to manage security events without building a full in-house SOC.

What we did

  • Rolled out Defender for Endpoint across the environment and fed the telemetry into Sentinel.
  • Built runbooks and tuned correlation rules to cut false positives.
  • Ran a SOC pilot with 24/7 monitoring and analyst triage, then tuned detections based on what we saw.
  • Delivered a roadmap and a priced option to move from the pilot to a fixed SOC service.

Outcome

  • The pilot delivered clear detection improvements (around a 67% lift in handling high-risk detections) and confirmed a practical SOC model, with costs mapped out, that Nazareth could adopt.

“Client sign-off pending. The pilot showed us that a co-sourced SOC is a practical next step.”

Nazareth College
