Managed Detection and Response Services – Secure!
Cyber security cannot be purchased once; it is the result of ongoing MDR measures by a professional CDC
Cyber Care: Your IT Security in the Best Hands
To increase IT security, it is common practice in many places to purchase expensive security tools, in the reassuring assumption that the company is then on the safe side in the long term. But this is a misconception. Cyber security cannot be produced out-of-the-box. Rather, it requires professional Managed Detection and Response Services (MDR) that are tailored to the individual needs of your company. In addition, experienced experts and analysts who monitor your IT infrastructure 24/7 in a Cyber Defense Center (CDC) or Security Operations Center (SOC) are indispensable.
The CDC - the heart of IT security
To ensure smooth business and IT operations, it is necessary to continuously collect, correlate and evaluate security-related data. Of course, you can try to set up your own CDC/SOC and implement the necessary MDR measures in-house. However, practical experience shows that such efforts often fail due to the lack of specialists and the technical complexity of the challenge. That's why you should rely on our experienced security experts to seamlessly monitor your IT security as a managed detection and response service, thus ensuring your cyber security in the long term.
Professional Managed Detection and Response Services From a Single Source
Cyber Security Strategy Workshop
Customized MDR services
24/7 monitoring of your sensor technology in the CDC
In the Cyber Security Strategy Workshop, we determine which security solutions you are already using and how high your IT security is. In addition, we define systems and company areas that are particularly worthy of protection (scoping) and conduct a gap analysis along your individual IT infrastructure (assessment) using proven frameworks such as the 20 CIS Controls. The gaps identified in this way form the basis of your individual security strategy.
In the practical implementation of your individual security strategy, we are guided by your existing IT infrastructure - regardless of whether you operate it in a data center, in a public cloud or in a private cloud. We provide vendor-neutral advice and work with you to select the right security sensor technology. We prefer the established solutions of the renowned cloud providers Microsoft, Google, and Amazon Web Services (AWS).
Depending on the technology, we link the sensor technology with your IT infrastructure. The sensor data collected across systems flows into a SIEM system for the necessary correlation. As part of our Managed Detection and Response Service, our experts at the CDC or SOC analyze incoming alerts and assess whether they are false positives or critical incidents. If an alert is a critical incident, we initiate predefined response measures that can run partially automatically.
Reliable MDR Services and Professional CDC for Your Safety
We understand cyber security as an ongoing process in the course of which we successively monitor your IT infrastructure including data, systems and devices.
Thanks to correlation, we detect anomalies, such as conspicuous user behavior, as reliable indications of imminent or acute cyber attacks.
To be prepared for a hacker attack, we work with you to define tailored packages of measures (runbooks) for various attack scenarios.
In the event of an attack, our experts at the CDC or SOC decide which prepared packages of measures are to be applied or whether ad hoc measures are required.
Rely on our many years of experience and expertise as a full-service provider that supports you along the entire IT value chain.
Frequently Asked Questions About Managed Detection and Response
How does a Cyber Defense Center (CDC) work?
A CDC is a group of experts - usually external - that protects not only the IT infrastructure but also systems, end devices and data from threats by integrating, monitoring and analyzing all security-relevant systems and, in the event of an attack, introducing predefined ad hoc measures or deriving recommendations for action in line with requirements (situational awareness).
How does Managed MDR work?
Managed Detection and Response (MDR) is a service in which analysts and security engineers in a CDC permanently monitor the IT security of companies to identify potential security threats and defend against them with (partially automated) packages of measures.
What is Detection about?
Detection is used to detect a cyber threat or hacker attack by having security experts collect sensor data from various sources 24/7 and correlate it in a SIEM system. With such an evaluation, valid conclusions can be drawn about acute threats.
What is Managed SIEM?
Managed SIEM (Security Information and Event Management) is a service in which CDC staff correlate and evaluate messages, alarms, and log files from various devices, network components, applications, and security tools in a SIEM system in real time. This makes security-critical and other anomalies recognizable.
What is Managed XDR?
Managed Extended Detection and Response (XDR) is primarily about detecting potential or acute security incidents (detection) and responding to the situation in the CDC (response). The technology is based on the automatic collection and correlation of data at multiple security levels, such as emails, devices, servers, cloud workloads and networks.
What are the 20 CIS Controls?
Developed by the Center for Internet Security (CIS), the 20 CIS Controls tell organizations to what extent and with what defenses they are prepared for any cyber attacks within the 20 domains.
What is the MITRE ATT&CK Framework?
As a comprehensive database, the MITRE ATT&CK Framework lists all known attack techniques and hacker groups (Advanced Persistent Threats, or APTs for short) together with the attack technique used on a daily basis, and explains how companies can recognize them and what measures make sense to ward off any threats. This makes the MITRE ATT&CK Framework the central data source for CDCs worldwide.
What is the NIST Framework?
The National Institute of Standards and Technology (NIST) Cybersecurity Framework is intended to be a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including measures and controls, that organizations can use to identify, assess, and mitigate cyber risks.
What happens during Incident Response?
Incident Response is used to avert an imminent attack or to remove hackers who have infiltrated the organization. Since such a major security incident poses an acute and existential threat to companies, any measures are taken directly on site at the affected organization.