Who is this for? MSP/MSSP Partners, Security Engineers
The Challenge of Detection Content at Scale
Managing detection rules across dozens or hundreds of customer Sentinel workspaces presents significant challenges:- Inconsistent coverage — Different rules enabled in different workspaces
- Manual deployment — Time-consuming process to deploy or update rules
- No centralized visibility — Difficult to see what’s deployed where
- Change management overhead — Tracking which customers have which versions
Introducing ContraForce CMS
The ContraForce Content Management System (CMS) provides a toggle-based interface for deploying and managing detection rules across all your customer Sentinel workspaces:Centralized Rule Management
- View all available detection rules in a single dashboard
- See deployment status across all customer workspaces
- Toggle rules on or off for individual or multiple customers
Curated Detection Library
- Access ContraForce’s curated library of detection rules
- Rules optimized for common threat scenarios
- Regular updates as new threats emerge
Bulk Operations
- Deploy rules to multiple workspaces simultaneously
- Update rule configurations across your entire customer base
- Roll back changes if needed
How It Works
- Navigate to the CMS module in your ContraForce workspace
- Browse available detection rules
- Select target customer workspaces
- Toggle rules on to deploy
Quick Summary
- Centralize management of detection rules across all customer Microsoft Sentinel workspaces.
- Use a toggle-based CMS interface to deploy, update, and roll back rules at scale.
- Leverage a curated, regularly updated library of ContraForce detection content.
- Perform bulk operations to keep coverage consistent and reduce manual change management.
CMS Module Setup
Deploy the Content Management System
Microsoft Sentinel Module
Connect Microsoft Sentinel
Questions? Contact us at support@contraforce.com.