Designed by our team of expert, Azure-certified developers, CYBERSHIELD IDR is an incident management and response platform created specifically for Microsoft Azure Sentinel

It provides more information and a better user experience for both you and our SOC, giving you a better view of your cyber security status. Advanced detection & response functionality, threat hunting, and analytical rule control are just a small selection of the functionality CYBERSHIELD IDR offers



CYBERSHIELD IDR has been designed to provide all the advanced analytics and data you need from a single pane of glass. The dashboard presents information intuitively and visually, whilst also providing interactivity and customisation

All of this empowers you to easily locate, analyse, and drill down into the data you need as well as discover how it relates to incidents within your network



Advanced threat intelligence, related entity, and analytical rule control modules effectively identify incident risk, allowing cyber security analysts to prioritise threats

Being able to easily categorise and set risk levels for threats enables security teams to avoid wasting time on threats that could be dealt with by automation or a lower-level analyst



Incident handling, vulnerability management, and every other system within the platform are seamlessly accessible from anywhere. This ensures that collaboration across security teams, locations, and different SOCs is easy

The platform updates in real time to reflect any changes made, and icons show who is viewing a ticket at any given time, ensuring that multiple analysts can work on the same incident without confusion. This allows for a rapid response to threats that isn’t achievable with conventional incident response platforms



Threat hunting, threat intelligence, vulnerability management, and more combine to create a platform that is highly effective at monitoring, identifying, analysing, and eliminating cyber threats

Our purpose-built ticketing and case management system provides more information and functionality than a standard Microsoft Azure Sentinel environment. Users can manage and escalate tickets easily, allowing an unparalleled level of collaboration within security teams


CYBERSHIELD IDR is an incident management and response platform, designed by our team of expert developers. This purpose-built, state-of-the-art system has been created specifically for Microsoft Azure Sentinel to provide more information and a better user experience for you and your SOC


Analytical Rule Control Module (ARC)

Designed to allow your SOC to easily manage, build, and design rules and use cases, the ARC module greatly expands upon Microsoft Azure Sentinel’s native functionality in this area. Rules are mapped to the MITRE ATT&CK framework, use case catalog, and data connectors, allowing statistics to be automatically generated for users

Your own playbook can also be integrated to directly affect these rules


Related Entity Module (REM)

Integrating and syncing with the Azure Active Directory (AD), REM provides the ability to add synced assets directly to tickets as well as manually add entries such as IPs, domains, and URLs

REM also integrates with Identity Protection and VirusTotal, flagging up instances of risky users and sign-ins as well as automatically cross-checking entities


Vulnerability Management Module (VM)

By syncing CVE data directly from Microsoft, VM is able to automatically create tickets within CYBERSHIELD IDR by correlating data present within your system. It can then assign CVE data, software, and affected device information to tickets, greatly improving the ability of analysts to investigate threats

VM is also able to automatically send alerts to relevant parties for remediation, as well as provide progress and status updates


CYBERSHIELD Threat Intelligence Module (TI)

CYBERSHIELD TI allows your SOC to make quick, evidence-based decisions and eliminate threats with ease. Powered by Recorded Future and Palo Alto Networks, industry leaders in threat intelligence and cyber security services, CYBERSHIELD TI correlates vast amounts of external intelligence with our own internal threat data to allow analysts to confidently analyse and respond to threats in real time


Ticket & Case Management


Detection & Response Functionality


Threat Hunting


Mobile App


Dashboard & Analytics




Access your incident management & response platform from anywhere, any time

  • Designed for CISOs and SOC analysts, the CYBERSHIELD IDR mobile app provides an intuitive interface and advanced functionality, and can optionally be deployed to all users within your organisation
  • CISOs gain access to real-time alerts, ticket remediation capabilities, and a complete, holistic view across your organisation’s security posture
  • SOC analysts can view their performance statistics, manage active tickets, instantly message their colleagues, and much more
  • Standard users can view their open tickets, recent threats associated with them, useful cyber security information & guidance, and holiday notifications, as well as instantly message their SOC team and access geolocation services

Your business, our mission

Wizard Cyber offer enterprise-grade, cost-effective cyber security solutions. As a Gold Certified Microsoft Partner and Azure Certified Expert MSP, we utilise our experience in Microsoft Azure Sentinel to provide the highest level of protection possible to customers of any industry and size

Our team of talented and experienced cyber security professionals are dedicated to providing the best service possible for our customers, regardless of their requirements and situation

Get in touch with us today to discuss your cyber security concerns or to find out how you can achieve complete protection against cyber-attacks and data breaches
