Security Operations Center

Our security team offers Cyber Security Operations Center (CSOC) services as well as regular Security-as-a-Service (SaaS) services, available in different models. Individual services can be selected on the basis of support levels, which together can cover the entire corporate area of IT security.

Support Level 1: (Communication & Advice - remotely)

  • Advice on IT security issues in operation
  • Advice on operational decisions on the subject of IT security and information security
  • Reporting, analysis & interaction in the event of security-related incidents (No emergency!)

Support Level 2: (Cooperation on site & remotely)

  • Support in creating and managing IT security processes
  • Advice on IT security issues in projects and companies
  • Advice on the development and planning of secure IT infrastructures

Support Level 3: (Emergency Service & Incident Response - On Site & Remote)

  • 24/7 availability and retrievability in the event of digital security-related incidents
  • Active support for security-related incidents on site and remotely
  • Advice, insight or analysis of the security incident on site or remotely
  • Support in the implementation and creation of measures and recommendations for action
  • Incident Response & Emergency Management

Support Level 4: (Vulnerability Monitoring)

  • 24/7 monitoring of known and zero-day vulnerabilities (public & private)
  • 24/7 monitoring for leaks of sensitive operational information & relevant data
  • Message & follow-up communication to defined interfaces (ticket system, API ...)
  • Assessment and analysis of security gaps, weaknesses or vulnerabilities
  • Integration of product lists for security-related updates & releases (risk factor)

Support Level 5: (Live Analysis, Insight, Active Monitoring, Prevention, Measures & Interaction)

  • Live analysis, insight, active monitoring, prevention, action & interaction
  • Monitoring of log files (Web Server, System & Services) - Web Security
  • Alerts Monitoring (Web Server, System & Services) - Web Security
  • AV signature monitoring and updates - Email Security
  • Monitoring & testing of cryptographic mechanisms - encryption & cipher
  • Monitoring traffic for anomalies or signs of exfiltration
  • Data Loss Prevention & management
  • Access to resources through a framework in increasingly heterogeneous technology environments to meet increasingly stringent compliance requirements (IAM)
  • Support for firewall, IDS & IPS evaluation - Intrusion Management Services
  • Analysis, advice, insight & preventive measures - network security
  • Requirements study and situation analysis, creation and updating of security policies, document review, risk analysis, vulnerability scan, data analysis & report / briefing (security assessment)
  • Software products and services that combine security information management and security event management (SIEM)
  • Vulnerability scanning (Automated) & automated security checks
  • Penetration Tests & security audits
  • Support for web firewall, filter appliance, security gateway, VPN and proxy
  • Automated testing and data evaluation after a defined time interval - web security

Would you like to use individual service-level processes that are tailored to your company? Are you interested in integrating the security process of the SOC (Security Operations Center) as a whole, or only in using Security as a Service externally? You are welcome to contact us at any time to check the requirements.





© Evolution Security GmbH - IT Security Services | 2024