Cloud Security Operations Center

Our Managed Extended Detection and Response (MXDR) service offering with 24/7/365 proactive hunting, monitoring and response capabilities built on a seamless integration with the Microsoft Security Platform

What is the Cloud Security Operations Center

24/7 highly qualified investigation & analysis

ISO 27001 certified service

The industry's top experts with more than 25 years of experience in the Infosec community

Coverage of OT, IoT, on-premises and multiple cloud infrastructures

Personal contact to build a strong analyst-client relationship

Threat Intelligence Research, Detection Engineering and Automation

glueckkanja CSOC components

Incident Response
  • Leverage incident response capabilities in Defender for Endpoint, Defender for Cloud, and Defender for Identity, as well as other Microsoft IR capabilities, to quickly contain all types of threats
  • Development and deployment of new playbooks for Sentinel on a regular basis to ensure efficient defense for all systems
Threat Intelligence
  • In Purple Team events we validate our use cases and the Microsoft products we work with
  • Our threat experts scan numerous sources for new threat scenarios and emerging trends in cyber attacks
CSOC Foundation, SOAR & Enrichment
  • The results of our threat research and the experience of our analysts are used by the Detection Engineering Group to develop new detections and optimize existing ones
  • Comparison of the detections with the MITRE ATT&CK framework
CSOC Foundation, SOAR & Enrichment
  • Providing the CSOC Foundation where analysis rules, watchlists, and playbooks are maintained for our customers
  • Extensive, regularly updated use case repository
  • Periodic review of analytic rules for quality and adaptation to customer needs
  • Incident enrichment through automated playbooks in Microsoft Sentinel to improve the quality of security analyst decisions
  • Optionally, we leverage Copilot for Security to enhance and accelerate our SOC processes
Active Threat Hunting
  • Our threat experts regularly hunt customer tenants for new, emerging threats and new attack techniques discovered by our threat researchers
  • This expands the view of the threat situation of our customers and thus increases the quality of protection
Continuous Improvement
  • We continuously improve the analytic rules in the customer repositories and thus increase the security of the customer environments
  • Produce monthly CSOC reports with recommendations for new settings and configurations based on our best practices (Blueprint)
  • Access to online reports that provide a comprehensive description of the individual security status of the customer
Vulnerability Monitoring
  • Microsoft Defender monitoring for endpoint vulnerability management
  • Ad hoc notification of current threats and provision of daily updated lists of all affected systems
  • Information about the most urgent threats in an easy-to-understand newsletter
Customer Stories

Uniper relies on M365 and CSOC

With the introduction of Microsoft 365 and other services from award-winning partner glueckkanja, Uniper transformed its workplace culture and optimized collaboration and security across the organization.

This is how we protect your environment and data

Defender for Endpoint

Defender for Cloud

Defender for Office 365

Defender for Cloud Apps

Entra ID Identity Protection

Defender for Identity

Defender for IoT

Microsoft Sentinel

Microsoft Copilot for Security

What Microsoft says

Sponsored by Microsoft *

MXDR Workshop

As one of the few MXDR partners worldwide, we offer a Microsoft-sponsored MXDR workshop: In your environment, we will conduct a time-limited proof-of-concept for our CSOC service. This includes among other things:

  • 24/7 monitoring of all connected assets
  • Detailed and qualified analysis, hunting and evaluation of incidents
  • Incident response based on Microsoft Sentinel playbooks and the IR capabilities in Defender products
  • Monitoring of the threat landscape and development of use cases for emerging threats

* Note: The requirement for a funded sponsorship is that Microsoft recognizes the company as eligible.

Step by Step to more IT Security

Initial Security Audit & Recommendations
Roadmap Workshops
Implementation of Security Solutions
Use Case Planning & Implementation
Blueprint Matching
Connection of Data Sources
Initial Baselining
Technical Interface Integration & Management
Technical Onboarding to CSOC
Start of Incident Response Service
Process Optimization, Playbook Creation & Automation
Connection of further Data Sources
Management of TI (incl. IoC handling)
Use Case Improvements & Repo Additions
Extended Automation

Concentrated Security Expertise

MISA Member
Advanced Specialization
Allianz Cyberwehr
ISG Cyber Security Rising Star

Contact us

In most of our emergency operations, we repeatedly find that the IT was not well enough prepared against attacks. A proactive security check is therefore an efficient investment in more security to reduce downtime.
Jan Geisbauer, Cyber Security Lead

We look forward to hearing from you!