Security Operations Center

Proactive defence against attackers and an immediate response to attacks on your company's IT systems are an essential part of protecting your IT infrastructure.

The state is also reacting: with the IT Security Act 2.0 (IT-SiG 2.0), it demands attack detection systems from critical infrastructure companies. The costs and the need for suitably qualified specialist resources are a major challenge. At the same time, the state is drastically increasing the fines for non-compliance with the requirements of IT-SiG 2.0 to up to EUR 20 million or up to 4% of consolidated revenue.

BDO Cyber Security GmbH can provide you with a Security Operation Centre (SOC) as a service as part of its Managed Security Services.

With our “SOC as a Service” your entire IT organization can be monitored for cyber risks. In the process, hard-to-detect attack patterns are identified at an early stage through a cloud-based Security Information and Event Management (SIEM as a Service), which collects, correlates, and intelligently evaluates security-relevant events within your network. As a result, countermeasures can be taken promptly.


Your Benefits

  • Modern and continuously expandable technologies.
  • Specially trained and experienced security analysts.
  • Mature, widely established best practice procedures from the field of Managed Detection and Response, with automation at many stages.

Security Information and Event Management (SIEM as a Service)

The aggregation, correlation, and analysis of critical and security-relevant events within your network is the task of a Security Information and Event Management (SIEM) system. The goal of SIEM is to reveal unknown behaviour patterns, attacks, or threatening developments.

The BDO SIEM is fully cloud-based upon request, making it feasible for companies of any size. The integration of common threat intelligence providers ensures the most comprehensive identification of potential attacks.

Threat Hunting & Intelligence

Detecting incidents using rules that match a certain pattern is a proven and mature method. One of the challenges of this approach is that each rule requires a defined threshold value and a defined detection method.

Threat hunting is a technique used to detect incidents that are below the threshold or are not within the logic configured in the SIEM platform.

This process is carried out regularly by our security experts and incorporates both internal anomalies and external events and indicators, e.g. current threats that have (recently) become known worldwide and their patterns.

Everything from a single source

The services mentioned above can cover the security of your entire network, individual applications, separate system landscapes or areas such as mail traffic, end devices, DNS or cloud infrastructure.

By working with our SOC team, you can recognise the weak points in your IT systems at an early stage, close them and/or monitor them to the desired extent. This allows the technical information security of your organisation to be operated in a comprehensive manner.

You don't need to hire top-tier security specialists, introduce and maintain powerful security technologies or build and maintain in-depth cyber security expertise.

With our SOC as a Service solution, we are your eyes and your protective hand within your IT.

Contact us!

Prof. Dr. Alexander Schinner

Partner | Cyber Incident Response & Crisis Center (CIRCC), Business Continuity Management (BCM), Security Operation Center (SOC)