Our Managed Extended Detection and Response (MXDR) service offering with 24/7/365 proactive hunting, monitoring and response capabilities built on a seamless integration with the Microsoft Security Platform
Cloud Security Operations Center
24/7 highly qualified investigation & analysis
ISO 27001 certified service
The industry's top experts with more than 25 years of experience in the Infosec community
Coverage of OT, IoT, on-premises and multiple cloud infrastructures
Personal contact to build a strong analyst-client relationship
Threat Intelligence Research, Detection Engineering and Automation
glueckkanja CSOC components
- In Purple Team events we validate our use cases and the Microsoft products we work with
- Our threat experts scan numerous sources for new threat scenarios and emerging trends in cyber attacks
- The results of our threat research and the experience of our analysts are used by the Detection Engineering Group to develop new detections and optimize existing ones
- Comparison of the detections with the MITRE ATT&CK framework
- Providing the CSOC Foundation where analysis rules, watchlists, and playbooks are maintained for our customers
- Extensive, regularly updated use case repository
- Periodic review of analytic rules for quality and adaptation to customer needs
- Incident enrichment through automated playbooks in Microsoft Sentinel to improve the quality of security analyst decisions
- Optionally, we leverage Copilot for Security to enhance and accelerate our SOC processes
- Our threat experts regularly hunt customer tenants for new, emerging threats and new attack techniques discovered by our threat researchers
- This expands the view of the threat situation of our customers and thus increases the quality of protection
- We continuously improve the analytic rules in the customer repositories and thus increase the security of the customer environments
- Produce monthly CSOC reports with recommendations for new settings and configurations based on our best practices (Blueprint)
- Access to online reports that provide a comprehensive description of the individual security status of the customer
- Microsoft Defender monitoring for endpoint vulnerability management
- Ad hoc notification of current threats and provision of daily updated lists of all affected systems
- Information about the most urgent threats in an easy-to-understand newsletter
This is how we protect your environment and data
Defender for Endpoint
Defender for Cloud
Defender for Office 365
Defender for Cloud Apps
Entra ID Identity Protection
Defender for Identity
Defender for IoT
Microsoft Sentinel
Microsoft Copilot for Security
What Microsoft says
Sponsored by Microsoft *
MXDR Workshop
As one of the few MXDR partners worldwide, we offer a Microsoft-sponsored MXDR workshop: In your environment, we will conduct a time-limited proof-of-concept for our CSOC service. This includes among other things:
- 24/7 monitoring of all connected assets
- Detailed and qualified analysis, hunting and evaluation of incidents
- Incident response based on Microsoft Sentinel playbooks and the IR capabilities in Defender products
- Monitoring of the threat landscape and development of use cases for emerging threats
* Note: The requirement for a funded sponsorship is that Microsoft recognizes the company as eligible.
Step by Step to more IT Security
Initial Security Audit & Recommendations
Roadmap Workshops
Implementation of Security Solutions
Use Case Planning & Implementation
Blueprint Matching
Connection of Data Sources
Initial Baselining
Technical Interface Integration & Management
Technical Onboarding to CSOC
Start of Incident Response Service
Process Optimization, Playbook Creation & Automation
Connection of further Data Sources
Management of TI (incl. IoC handling)
Use Case Improvements & Repo Additions
Extended Automation
Contact us
In most of our emergency operations, we repeatedly find that the IT was not well enough prepared against attacks. A proactive security check is therefore an efficient investment in more security to reduce downtime.
Jan Geisbauer, Cyber Security Lead