MXDR service offering including the SOC with 24/7 proactive search, monitoring and response features
Our well-established MXDR service offering includes the Security Operation Center (SOC) with 24/7/365 proactive search, monitoring and response capabilities, all based on deep integration with the Microsoft security platform. This solution combines expert-trained technology with human-led services and has been reviewed by Microsoft engineers.
What makes the glueckkanja-gab CSOC offer unique
Our Cloud Security Operations Center is located in Germany. Only experienced and certified security engineers with a high level of technical IT security knowledge work here. We support all IT infrastructures of our enterprise customers as well as OT/IoT, on-premises and various cloud environments. In addition, we use the latest Microsoft security tools to monitor all systems that generate log files (e.g. Check Point, Cisco, Fortinet, Windows Servers & Clients, Office 365, Citrix, SAP, Linux). For further information on how to manage your subscription, trial terms, licensing and pricing, please refer to the links below, which will forward you to our documentation.
OUR BENEFITS AT A GLANCE
- 24/7 highly qualified investigation and analysis
- The industry's best experts with over 25 years of experience in the Infosec community
- ISO 27001 certified service
- Coverage of the entire infrastructure: OT, IoT, on-premises and multiple cloud infrastructure
- Personal contact rather than an anonymous call center to build a strong analyst-client relationship
What building blocks we offer our CSOC customers
We develop and implement new playbooks for Sentinel to efficiently defend all your systems in the event of an attack. We also leverage the incident response capabilities of Defender for Endpoint, Defender for Cloud, and Defender for Identity, as well as other Microsoft IR capabilities, to quickly contain all types of threats.
We regularly conduct Purple Team Events to validate and test the Microsoft products in use. During these events, our threat experts scan various sources for new threat scenarios. These results, together with the findings from our Threat Intelligence Research unit, are fed into our Detection Engineering Group.
CSOC FOUNDATION, SOAR & ENRICHMENT
Our CSOC customers are connected to our CSOC Foundation, which we use to maintain and automatically apply analytic rules, watchlists, and playbooks to our customers. Our Analytic Rule Repository contains more than 1,200 analytic rules that come from the global security community, from Microsoft itself, but also from specific vendors and from our own threat research and detection technology. All these rules are regularly reviewed for quality and adapted to our needs and those of our customers.
EXECUTIVE ANALYSIS & REPORTING
We continuously improve the security posture of your IT by suggesting new settings and configurations based on our best practices (Blueprint) in our monthly CSOC reports.
ACTIVE THREAT HUNTING
Our threat experts are equipped with the latest threat research techniques and regularly look for new threats in our customers' Microsoft tenants. This is not only about current incidents, but also about broadening the view to the threat landscape outside the customer environment in order to identify and respond to emerging threats to customers.
Another advantage of our Security Services is the monitoring of Microsoft Defender for Endpoint Vulnerability Management. Here, we point out current threats on an ad hoc basis and provide you with daily updated lists of all affected systems.