3:[["$","$L14",null,{"locale":"en"}],["$","script",null,{"dangerouslySetInnerHTML":{"__html":"\n if (document.documentElement) {\n document.documentElement.lang = \"en\";\n }\n "}}],["$","$L13",null,{"children":["$","$L15",null,{"children":[["$","$L16",null,{"messages":{"homepage":{"posts":{"headline":"Choose your topics:"},"success_stories":{"borussia":{"description":"As a Bundesliga club, Borussia Mönchengladbach is in the public spotlight not only on the pitch, but also in the digital realm. Increasing digitalization - from ticketing to medical technology - places high demands on IT security. With our SOC service, based on the Google SecOps platform, the club gains transparency over security-relevant data streams, detects attacks at an early stage, and meets key requirements of the NIS2 directive.","image_description":"Successful collaboration with our partner BORUSSIA M'gladbach"},"oqema":{"subheadline":"OQEMA Germany","description":"OQEMA is growing continuously - both organically and through mergers & acquisitions. This growth brings challenges for IT security, particularly in connecting new infrastructures and complying with the NIS2 directive. With suresecure's SOC service, based on the Google SecOps platform, OQEMA has found a scalable solution that detects compromised systems early, prevents infections, and provides a predictable cost structure.","image_description":"Successful collaboration with our partner OQEMA Germany"},"walbusch":{"subheadline":"WALBUSCH GROUP","description":"The Walbusch Group has achieved an important milestone in IT security with the implementation of a modern Security Operations Center (SOC). From a solid start with an on-premise solution to the scalable Google SecOps platform: The cloud brought new opportunities, more efficiency, and an optimal cost structure for Walbusch. With suresecure as a partner, the Walbusch Group ensures 24/7 monitoring and protection of sensitive data.","image_description":"Successful collaboration with our partner Walbusch Group"},"bigdirektgesund":{"subheadline":"BIG DIREKT GESUND","description":"BIG became a victim of a cyber attack that was detected in time thanks to a Managed Detection & Response service provider, preventing greater damage. However, the incident revealed vulnerabilities - such as the lack of central log analysis through a SIEM - and also led to the cancellation of cyber insurance. A wake-up call that led to contact with suresecure.","image_description":"Successful collaboration with our partner BIG direkt gesund"},"intermed":{"subheadline":"ISG Intermed Services GmbH & Co. KG","description":"As a critical infrastructure company in healthcare, ISG Intermed Services GmbH & Co. KG faces complex challenges in cybersecurity. Between sensitive laboratory data, critical hospital logistics, and regulatory requirements such as IT Security Act 2.0, BSI-KritisV, and NIS2 directive, this success story shows how ISG Intermed strengthens its cyber resilience through targeted measures for visibility, compliance, and attack detection - despite limited resources.","image_description":"Successful collaboration with our partner ISG Intermed Services GmbH & Co. KG"}}},"general":{"book_meeting":"Book Meeting","previous":"Previous","next":"Next","more_information":"More Information","to_cyberaudit":"To Cyberaudit","contact_us":"Contact us","contact_us_now":"Contact us now","load_more":"Load More","contact_man":"Your Contact","contact_woman":"Your Contact","press_contact":"Press Contact","published_on":"Published on","more_articles":"More Articles","request_cyber_audit":"Request Cyber Audit","your_contact":"Your contact","show_me_the_bundles":"Show me the bundles","contact":"Contact","read_more":"Read More","clear_all_filters":"Clear All Filters","filter_events":"Filter Events","download_whitepaper":"Download Whitepaper","download_now":"Download Now","apply_now":"Apply Now","get_in_contact":"Get in contact","our_services":"Our Services","our_awards":"Our Awards","follow_us":"Follow us","imprint":"Imprint","whistleblower_system":"Whistleblower System","terms_and_conditions":"Terms and Conditions","privacy_policy":"Privacy Policy","get_in_touch_with_us":"Get in touch with us","salutation":"Salutation","first_name":"First name","last_name":"Last name","business_email":"Business Email","comment":"Comment","i_accept":"I accept the","privacy_policy_small":"privacy policy","and_agree_to":"and agree to the processing and storage of my data.","i_would_like_to_receive":"I would like to receive the suresecure newsletter regularly.","submit":"Submit","mr":"Mr","mrs":"Mrs","event_location":"Event Location","at_a_glance":"At a glance","location":"Location","date":"Date","theme":"Theme","languages":"Language(s)","employment_type":"Employment Type","here":"Here","contact_sent":"Contact sent","we_will_get_back_to_you":"We will get back to you as soon as possible","error":"Error","something_went_wrong":"Something went wrong"},"services":{"subheadline":"Prevent, Detect, and Respond","headline":"Comprehensive IT Security","stage":{"headline_1":"Consulting and","headline_2":"Service","paragraph_1":"Wherever the path leads - it should be secure. The key is strategic consulting, planning, and implementation to protect information and technology. We accompany you on the path to future-proof IT and information security management.","paragraph_2":"Our individual consulting for information security management is oriented towards the needs of your company.","paragraph_3":"We always consider IT security in the overall context: Our services are not limited to just the digital processes and technologies used by the company, but also take into account challenges in the organizational area to ensure comprehensive security of business processes."},"cards":{"prevent":"Preventive IT security measures prevent security incidents and attacks before they occur. Advanced technologies detect and block threats early on to avoid damage and proactively protect systems.","prevent_button":"Prevent","detect":"The detection of IT security incidents aims at early identification of threats. Advanced technologies enable quick response and neutralization of attacks, keeping systems protected and responsive.","detect_button":"Detect","respond":"Responding to IT security incidents aims at quickly and effectively managing problems. Through targeted measures, damage is minimized and security is restored to return systems to normal state as quickly as possible.","respond_button":"Respond"},"prevent":{"stage":{"headline_1":"Prevent","headline_2":"Prevent Security Incidents","description":"Prevent security incidents before they happen! Our cybersecurity experts focus on eliminating potential risks from the start. Find out how we help protect your company from security vulnerabilities and minimize the attack surface. Learn how preventive security strategies can give you an edge in the fight against cybercrime."},"card_1":{"description":"We scan external systems for vulnerabilities, open ports, domains, and the Dark Web. This regular external scan is part of the cyber audit to improve the security rating.","button_text":"Cyber Audit"},"card_2":{"description":"Cyber insurance requires continuous cybersecurity as insurers' requirements increase annually. It's about staying insured permanently, which involves three essential pillars.","button_text":"Cyber Insurance"},"card_3":{"description":"Our assessment identifies assets, machines, and networks, creating a contextualized inventory. We then generate a digital cyber twin for security analysis without impacting operations.","button_text":"OT Assessment"},"card_4":{"description":"Our Professional Services offer comprehensive solutions from consulting to implementation. The scope of work is defined in advance, and our expertise enables a wide range of services.","button_text":"Professional Services"}}},"cyber_audit":{"stage":{"subheadline":"Identify vulnerabilities before others do","headline_1":"Full-Service","headline_2":"Cyber Audit","description":"We've given this some thought. Checks and audits are everywhere, but often insufficient. For us, a complete cybersecurity assessment also means considering insurability and verifying compliance with legal requirements such as NIS2."},"check_up_section":{"subheadline":"Your Check-Up Examination","headline":"You want to know:","card_1":{"headline":"Where are my IT and OT vulnerabilities?","description":"What do we check? Data Handling, Technical Security, Organizational Security, Detection & Response, Cashless Payment, Continuity Management, Operational Technology, and External Service Provider."},"card_2":{"headline":"Which NIS2 requirements must I implement?","description":"The NIS2 directive increases requirements for many companies. With our check, we also examine which requirements are relevant for your company. After the cyber audit, we provide a roadmap to NIS2 readiness."},"card_3":{"headline":"Am I currently insurable?","description":"Insurability with a cyber policy is a good indicator of strong cyber resilience. Insurers' requirements are constantly increasing, making assessment against these requirements very purposeful. If there's interest in insurance, we can approach insurers with this basis.","button_text":"Go to Cyber Insurance"}},"whats_included_section":{"subheadline":"What's included?","headline_1":"Your Cyber Audit","headline_2":"Your Output","description":"Sounds great, but what's included? Our setup for a comprehensive cyber resilience assessment looks like this:","bulletpoint_1":"Audit dialogue with Security Consultant","bulletpoint_2":"External Security Scan","bulletpoint_3":"Detailed report including Management Summary and recommendations","bulletpoint_4":"Roadmap for potentially necessary projects","bulletpoint_5":"Optional: Analysis of potential insurers including insurance offer"},"quick_section":{"subheadline":"What does an External Security Scan do?","headline_1":"Quick Identification","headline_2":"Critical Areas","description":"We scan externally accessible systems for vulnerabilities. This includes checking open ports, domains, and the Dark Web to provide a comprehensive analysis. This external scan is an integral part of the cyber audit and should ideally be performed regularly to sustainably improve the rating.","bulletpoint_1":"Verification of all registered domains for vulnerabilities","bulletpoint_2":"Analysis of external IT infrastructure according to BSI standards and recommendations","bulletpoint_3":"Dark Web scan to identify suspicious data sets"},"benchmark_section":{"subheadline":"Download Sample Report","headline_1":"The Cyber Audit -","headline_2":"The New Benchmark","description":"To understand how comprehensive a cyber audit can be, the best way is to view a sample report. We provide this here and are of course available for any questions.","bulletpoint_1":"153 Test Parameters","bulletpoint_2":"10 Categories","bulletpoint_3":"1 Hour Interview"}},"cyber_insurance":{"stage":{"subheadline":"We insure the biggest business risk of today","headline_1":"We insure","headline_2":"Cyber","description":"Not directly ourselves, but through our sister company - securance GmbH. The specialist broker for cyber insurance. As a group of companies, we ensure complete coverage of all cyber risks. We know what matters. We have the network, concepts, competence, and experience to protect you optimally for the worst case. Technically, organizationally, and financially."},"info_card_section":{"subheadline":"test","headline":"IT security incidents can be expensive","description":"What's the status?","card_1":{"headline":"I want to extend my insurance","description":"You have an existing cyber policy and want to extend it? That's great because we can evaluate it and develop optimization potential for you. Our cyber audit lays the foundation for this."},"card_2":{"headline":"I can't get an extension","description":"You can't extend your current cyber insurance because of new requirements or a recent incident? There are always ways, and together we'll find a path back to insurability. Our cyber audit lays the foundation for this."},"card_3":{"headline":"I need insurance","description":"You don't have insurance and need one? Then the path through our cyber audit is the only right way to quickly and efficiently check possible insurability."}},"bringing_together_section":{"subheadline":"BRINGING TOGETHER WHAT BELONGS TOGETHER","headline_1":"Cyber Insurance","headline_2":"& Cybersecurity","description_2":"Why is a cyber insurance important? The answer is in our secure mag!","bulletpoint_1":"Consultation and evaluation of the current situation","bulletpoint_2":"Cyber coverage","bulletpoint_3":"Damage management & Services"},"quotation_card":{"quote":"A well-maintained cybersecurity profile means cost-efficient insurance options for the company."},"special_concept_section":{"subheadline":"A cycle that both need","headline_1":"Special concept for","headline_2":"special protection","description":"Cyber insurance and cybersecurity work synergistically. A good cybersecurity leads to a good insurability and an optimized cyber police. That's why it's so important to constantly challenge the requirements with the status quo. We therefore check annually and proactively for sustainable insurability. You can expect:","bulletpoint_1":"Optimized insurance offers with clear performance building blocks","bulletpoint_2":"External security scan to identify vulnerabilities","bulletpoint_3":"Recommendations for actions to address vulnerabilities in the context of NIS2","bulletpoint_4":"Proactive planning and budgeting of necessary measures based on audit results","bulletpoint_5":"Integration of audit results into a tailored crisis and emergency plan"},"animated_section":{"animated_item_1":{"headline":"Securance Questionnaire","bulletpoints":["Evaluation of the Cybersecurity Architecture","Our IT consultants analyze the results","Questionnaire is accepted by all insurers"]},"animated_item_2":{"headline":"Audit Dialog","bulletpoints":["Together with representatives of your company, securance, and our IT security consultants (approx. 120 minutes)"]},"animated_item_3":{"headline":"Report Creation","bulletpoints":["Audit result / Insurance Score","Recommendations","Assessment of insurability"]},"animated_item_4":{"headline":"Offer Creation","bulletpoints":["The required offer is created based on the information received"]},"animated_item_5":{"headline":"Police Completion"}}},"managed_soc_for_ot":{"stage":{"subheadline":"We Bring Light into Production Halls","headline_1":"OT Assessment","headline_2":"with OTORIO","description":"With our assessment, we automatically visualize the entire inventory of OT, IoT, and IT assets in the OT environment using industrial and secure protocols and methods. Sounds difficult? It's not trivial either."},"intro_section":{"subheadline":"Top Challenges in the OT Sector","headline_1":"Availability beats Visibility","cyber_icon_card_1":{"title":"Legacy Systems","description":"Old machines without a security-by-design approach and with fundamentally different protocol structures are difficult to monitor using classical IT approaches."},"cyber_icon_card_2":{"title":"Assets & Maintenance","description":"Who knows all the systems in the OT environment? Often, a complete asset management is missing. How can you protect what you don't know?"},"cyber_icon_card_3":{"title":"Incident Response","description":"In the OT context, different strategies are needed to react effectively to anomalies."}},"hacker":{"subheadline":"On the Trail of the Hackers","headline_1":"With Availability","headline_2":"to Transparency","description":"We have developed a way to process and prepare OT data in our Managed SOC in a way that is effective. The availability must not suffer under the implementation of sensors, because the international manufacturers have understood the pain of the decision-makers. It obviously doesn't work without a kind of sensor either. In an implementation project, these sensors are installed, and an automatic asset query is started immediately. The found assets are collected, defined, and ultimately converted into a digital twin. This is extremely important, because this way the entire further processing of the data cannot affect the production environment."},"all_in":{"subheadline":"We go all-in with the service","headline_1":"We pack it in:","headline_2":"Managed SOC for the OT","description":"With a Managed SOC including OT log files, the likelihood of a follow-up severe cyber attack is further reduced. Blind spots disappear, and a more comprehensive monitoring and transparency over the entire infrastructure of the company are created. The structure and components are almost identical: Also the Managed SOC for OT requires the right selection of People, Processes, and Products. The perfect mix is decisive for the right output and the profitability of a Security Operations Center. This creates an interdisciplinary team that ensures 24x7 with clear processes and escalation levels as well as a high degree of automation that optimally protects the scalable architecture with SIEM and SOAR."},"people":{"subheadline":"People","headline_1":"Our Team at","headline_2":"the Control Center","description":"The SOC in Managed SOC - stands for Security Operations Center and is an organizational unit that would not exist without the expertise of the people who are active here. We are proud to have so many passionate experts for us and combine here Platform- and Detection-Engineers, Incident- and SOC-Analysts, DevOps, Consultants as well as Incident Managers. We train them continuously to be on the pulse of the times. We have already developed the appropriate defensive concept for new attack patterns. So we can provide individual Detection Rules and Playbooks for our partners."},"standards":{"subheadline":"Standards ensure constant quality in the Managed SOC","headline_1":"How a good","headline_2":"machine is made","description":"Unique processes and clear escalation levels create efficiency in the Managed SOC - as well as a high degree of automation through Detection Rules and Playbooks. So the analysts and analysts can concentrate exclusively on relevant alerts. If a critical alert is identified, our Incident Management process starts immediately with the provision of an Incident Manager and the CIRT."},"protected":{"subheadline":"Protected 24/7","headline_1":"Our Managed SOC has","headline_2":"Google Speed","description_1":"We are Google Cloud Security Partner and proud to be one of the few providers to fully implement Google SecOps. Google has been in the field of search and analysis since the beginning - based on the evaluation of the entire internet. With Google Security Operations, clear dashboards are available that make anomalies immediately visible. Through the intuitive system, processes can be traced back to the last detail based on the corresponding log sources. Our analysts then enter a deep forensic analysis if necessary - supported by fixed processes and defined detection metrics. So we can immediately provide a Cyber Kill Chain.","description_2":"With Google SecOps, a SIEM and SOAR solution was brought to market that impresses with enormous speed and the integration of the databases from Mandiant and VirusTotal. These databases flow into Google Threat Intelligence (GTI) - the largest cybersecurity database in the world."},"faq_section":{"headline_1":"Frequently Asked Questions","faq_1":{"headline":"What distinguishes SOC IT from SOC OT?","description_1":"A classic SOC focuses on IT systems like servers, networks, and devices. In OT environments, on the other hand, it is about production facilities, machines, and industrial control systems. Here, availability and process security are in the foreground - which is why monitoring and reaction must be particularly sensitive and adapted to the specific requirements."},"faq_2":{"headline":"Is the Managed SOC compatible with my OT?","description_1":"The SOC works with passive monitoring techniques and specifically tuned rules to avoid disruptions. Alerts are triggered risk-based, and escalations are always in close coordination with OT teams. The goal: maximum security with 0% downtime."},"faq_3":{"headline":"What threats does a Managed SOC OT detect?","description_1":"For example, unauthorized access to control systems, altered communication behavior, weaknesses in legacy systems, or the introduction of malware (e.g. via USB). Also suspicious remote connections or known attack vectors like “Living off the Land” are detected immediately."},"faq_4":{"headline":"How quickly does a Managed SOC react in an emergency?","description_1":"A Managed SOC is active 24/7/365. In the event of an incident, the escalation takes place immediately, based on previously defined processes and possibly Playbooks. This ensures that affected systems are protected before a damage occurs"},"faq_5":{"headline":"How does a Managed SOC affect production?","description_1":"The SOC works with passive monitoring techniques and specifically tuned rules to avoid disruptions. Alerts are triggered risk-based, and escalations are always in close coordination with OT teams. The goal is maximum security with 0% downtime."}},"references_section":{"subheadline":"References","headline_1":"Companies with","headline_2":"strong cyber defense"},"whitepaper_section":{"subheadline":"secure mag","headline_1":"Managed SOC for OT","headline_2":"We open the machine room and show how it works.","description":"In this secure mag you will learn:","bulletpoint_1":"What is in the SOC service and how it works","bulletpoint_2":"How security incidents can be professionally and legally managed with integrated incident management","bulletpoint_3":"How an efficient and fast onboarding leads to a successful partnership","file_description":"Managed SOC for OT","button_text":"Download secure mag"}},"ot-security":{"stage":{"subheadline":"We Bring Light into Production Halls","headline_1":"OT Assessment","headline_2":"with OTORIO","description":"With our assessment, we automatically visualize the entire inventory of OT, IoT, and IT assets in the OT environment using industrial and secure protocols and methods. Sounds difficult? It's not trivial either."},"info_card_section":{"subheadline":"OT Requires Foundational Work","headline":"These Three Points are Essential","card_1":{"headline":"Establish Visibility","description":"Legacy systems, missing asset management, grown structures: If we don't know what awaits us in the OT environment, we have no chance."},"card_2":{"headline":"Consider Criticality","description":"No company can afford a standstill in the OT environment, which is why we work with a digital twin for detection and identification. This ensures that there are no disruptions."},"card_3":{"headline":"Environment and Compliance Assessment","description":"We provide action recommendations regarding possible ransomware scenarios and compliance assessment with the goal of sustainably reducing risk."}},"collect_section":{"subheadline":"We Work in a Secure Environment","headline_1":"Collect Data &","headline_2":"Create OT Twin","description":"Our assessment includes the detection and identification of assets, machines, network segments, security configurations, reachability, and actual connectivity between devices. The asset inventory is contextualized according to roles, relationships to operational processes, and impacts. Subsequently, we create a digital cyber twin of the environment to analyze the security situation. This ensures that no impairment or interruption of operations can occur."},"quotation_card":{"quotation":"The importance of OT and IOT security in the context of digitalization cannot be overstated, as it ensures the fundamental integrity, availability, and reliability of operational technologies used in critical infrastructure, industrial processes, smart cities, and building digitalization."},"what_you_get_section":{"subheadline":"What You Get From Us","headline_1":"Maximum Visibility","headline_2":"for the Start","description":"Critical attack vectors are identified in a way that points not only to vulnerabilities but also to preparation against ransomware and potential threats that can be triggered through the supply chain. For each risk, a guide with practical, step-by-step recommendations for risk minimization is created, tailored to the operational environment. The result provides a risk-based impact report, allowing security experts to focus on the highest priority work.","description_2":"The assessment also provides out-of-the-box compliance evaluations for industrial security standards such as IEC 62443, NIST, and NERC CIP, from individual assets to the entire operational environment. Thus, our assessment delivers an overall conformity assessment, clear and detailed information about deviations, and recommendations and guidelines for addressing these deviations."},"asset_visibility_section":{"subheadline":"Asset Visibility from OTORIO","headline_1":"Strategic Partnership","headline_2":"in OT","description":"We are glad to have found a strategic partner in OTORIO for the OT sector. At OTORIO, OT is not just in the name, but especially in the DNA. With the Asset Visibility Tool, we create unrivaled transparency in any OT environment. Regardless of which components, protocols, manufacturers, or operation-specific data - the tool's claim is to find and provide everything. Sounds too good to be true? Let's find out together."},"whitepaper_section":{"subheadline":"Whitepaper","headline_1":"OT Security Reimagined:","headline_2":"Context-Based Exposure Management for Direct Results","description":"In this whitepaper you'll learn:","bulletpoint_1":"How to precisely identify risks in complex OT environments","bulletpoint_2":"Why context-based security strategies are crucial","bulletpoint_3":"Which modern technologies optimize your protection","pdf_title":"OT Security Reimagined:","pdf_description":"Context-Based Exposure Management for Direct Results"}},"professional_services":{"stage":{"subheadline":"We Bring Light into Production Halls","headline_1":"OT Assessment","headline_2":"with OTORIO","description":"With our assessment, we automatically visualize the entire inventory of OT, IoT, and IT assets in the OT environment using industrial and secure protocols and methods. Sounds difficult? It's not trivial either."},"we_work_in_a_secure_environment_section":{"subheadline":"We Work in a Secure Environment","headline_1":"Combined Expertise","headline_2":"Against Cyber Crises","description":"Our Professional Services are diverse. However, it always involves a precisely defined project. This can range from consulting on building security infrastructure to implementation, training, and strategy consulting. Before a project starts, we always conduct a risk assessment to determine the scope of work and the associated costs."},"we_strengthen_your_cyber_resilience_section":{"subheadline":"We Strengthen Your Cyber Resilience","headline_1":"Consulting, Implementation","headline_2":"Training and Strategy","description":"Our Professional Service offerings include services in both Business Security and Security Governance, Risk & Compliance. We provide support in the following categories:","bulletpoint_1":"Consulting and planning of system or network infrastructure, security policies, and technologies","bulletpoint_2":"Implementation, integration, and migration of new technologies","bulletpoint_3":"Health checks of deployed security systems","bulletpoint_4":"Hands-on training and education","bulletpoint_5":"Strategy consulting with business focus","bulletpoint_6":"Review and auditing"}},"faq_section":{"headline_1":"We're here to make","headline_2":"a change in the world.","description":"No one has the right to exploit advancing digital connectivity for their own gain at the expense of others. Neither today nor in the future.","faq_1":{"headline":"Our Mission","description_1":"We translate business requirements into IT security. Only those who understand the business know when and how the right measures are needed. With our expert team, we support our partners strategically and holistically. Sound consulting, exceptional service, efficient implementation, and rapid incident response management form a unique completeness.","description_2":"Through our actions, we secure not only the continued existence of companies but also jobs for society."},"faq_2":{"headline":"Our Vision","description":"We make the digital world a secure place. No one has the right to exploit advancing digital connectivity for their own gain at the expense of others. Neither today nor in the future."}},"strong_values_section":{"headline_1":"Strong Values","headline_2":"Our Guiding Principles","description":"To realize our mission and our goals, it's important that we pull together as a team. For this, we orient ourselves according to our mission statement, at whose center clearly stands partnership-based action. We invest unconditional trust and walk paths together – regardless of the relationship: whether employees, manufacturers, business partners, or service providers.","accordion_1":{"headline":"We Trust in Trust","description":"Everyone experiences unconditional trust with us. This trust is our highest good and the basis for loyalty, reliability, and transparency. We trust that all employees always act in the interest of suresecure, which is why we address mistakes not as failures but as opportunities for improvement."},"accordion_2":{"headline":"Courage is Challenge","description":"We make decisions with courage and determination. We represent our core values consistently with the goal of protecting our own company. The values of suresecure determine everything we do."},"accordion_3":{"headline":"Respect is the Key","description":"Everyone receives respect for the reasons of mutual respect. We respect our partners, our employees, and our customers. We respect the environment and the planet. We respect the law and the rules of the game."},"accordion_4":{"headline":"Made with Pure Passion","description":"Everything we do, we do with passion. This passion is our fuel to achieve the best results every day. The best results are only achieved for us when satisfaction is felt."},"accordion_5":{"headline":"Change Means Progress","description":"Our goal is a continuous and consistent development of suresecure and all employees. We react to new circumstances, requirements, or needs and integrate them dynamically into our actions."}},"detect":{"stage":{"headline_1":"Detect","headline_2":"Early Detection of Cyber Attacks","description":"Early detection of cyber attacks is crucial! We employ powerful detection technologies and expert analysis to identify potential threats before they can cause damage. Learn how our advanced tools, methods, and techniques give you the assurance that your company is protected in real-time."},"service_navigation_card_1":{"description":"Our Security Operations Center provides 24/7 monitoring, event analysis, and rapid response through modern SaaS architecture for optimal visibility and resilience.","button_text":"SOC for IT"},"service_navigation_card_2":{"description":"Managed Detection and Response (MDR) provides comprehensive security monitoring and response through specialists who detect threats, analyze incidents, and respond quickly to attacks.","button_text":"MDR"},"service_navigation_card_3":{"description":"Vulnerability Management includes continuous identification, assessment, reporting, and correction of security vulnerabilities. We use Qualys or Tenable for analysis, create a report, and provide recommendations.","button_text":"Vulnerability Management"}},"soc_for_it":{"stage":{"subheadline":"Risk Minimization through Cyber Resilience","headline_1":"Your","headline_2":"Security Operations Center","description":"Today's IT environments are increasingly complex. Monitoring all potential entry points is becoming more challenging. A Security Operations Center provides support by monitoring all connected systems around the clock. Security events are correlated, analyzed, and responded to accordingly. With our modern SaaS architecture, you gain visibility, resilience, and a SOC with Google speed."},"the_trinity_of_soc_services_section":{"subheadline":"The Trinity of SOC Services","headline_1":"A SOC Needs Full Equipment","cyber_icon_card_1":{"title":"People","description":"People make the difference. Interdisciplinary teams work 24x7 for your security."},"cyber_icon_card_2":{"title":"Process","description":"Clear procedures and escalation levels, along with a high degree of automation, ensure high efficiency in processing security events."},"cyber_icon_card_3":{"title":"Products","description":"Modern, scalable architectures with SIEM and SOAR offer maximum flexibility in connectivity and automation."}},"people_on_the_trail_of_hackers_section":{"subheadline":"People: On the Trail of Hackers","headline_1":"With White Hats","headline_2":"Against BlackCats","description":"A Security Operations Center is ultimately an organizational unit that would be nothing without the expertise of the people who work here. We are proud to have attracted so many professionals and unite Platform and Detection Engineers, Incident and SOC Analysts, DevOps, Consultants, and Incident Responders."},"we_go_all_in_with_service_section":{"subheadline":"We Go All-in with Service","headline_1":"SOC Service","headline_2":"without Compromise","description":"A SOC is not the same as a SOC. Our SOC claims completeness. For us, a SOC is not complete without SIEM, without SOAR, and without an integrated vulnerability scanner. We insist on incident response, comprehensive threat intelligence, incident drills, customer success management, and custom detections. Our SOC does not leave any room for cybercriminals and especially does not leave any doors open for cybercriminals. We correlate, analyze, and respond based on clear processes."},"standards_ensure_constant_quality_section":{"subheadline":"Standards Ensure Constant Quality","headline_1":"Established Processes","headline_2":"Are the Heart","description":"Clear processes and escalation levels ensure efficiency in the SOC. Just as much as a high degree of automation through detection rules & playbooks. So that analysts and analysts can focus exclusively on relevant alerts. When a critical alert is detected, it is escalated immediately to the responsible team. This ensures that the right people are notified at the right time."},"incident_management_process_section":{"subheadline":"Protected 24/7","headline_1":"Our SOC with","headline_2":"Google-Speed","description":"We are Google Cloud Security Partner and proud to be one of the few providers to fully embrace Google SecOps. Google has always dominated the field of searching and finding through analysis of the entire internet. With Google Security Operations, you get clear dashboards that immediately show anomalies. Through the intuitive system, you can trace back operations based on the corresponding log sources to the last detail. Our analysts then dive into deep forensic analysis based on fixed processes and recognition metrics as needed. This allows us to quickly provide a cyber kill chain. Google SecOps brought a SIEM and SOAR solution to the market that was impressive due to its immense speed and integration with Mandiant and Virustotal."},"faq_section":{"headline_1":"Frequently Asked Questions","faq_1":{"headline":"What's the difference between SOC & MDR?","description_1":"SOC (Security Operations Center):","description_2":"Internal security operation within an organization, responsible for monitoring, managing, and responding to IT security.","description_3":"MDR (Managed Detection and Response):","description_4":"Comprehensive security monitoring and response through specialists who detect threats, analyze incidents, and respond quickly to attacks."},"faq_2":{"headline":"What's the difference between SOAR & SIEM?","description_1":"SOAR (Security Orchestration, Automation, and Response):","description_2":"Automated security operations through orchestration of security tools and processes.","description_3":"SIEM (Security Information and Event Management):","description_4":"Collects and analyzes log data from various sources to detect security-relevant events."},"faq_3":{"headline":"What does a vulnerability scanner do?","description_1":"A vulnerability scanner is a tool that scans systems, networks, and applications to identify known security gaps and vulnerabilities. These scanners use databases of known vulnerabilities (such as CVEs) and check systems for signs that these vulnerabilities are present. The goal is to identify potential security risks before they can be exploited by attackers."},"faq_4":{"headline":"What does Customer Success Management provide?","description_1":"Customer Success Management (CSM) is a service that ensures the success of a customer's security operations. It includes ongoing support, training, and monitoring to ensure that the customer's security posture is always up to date and effective."},"faq_5":{"headline":"Which log sources can be connected?","description_1":"We haven't encountered a log source we couldn't connect yet. However, we clearly state that it makes sense to be selective with log sources. Common cloud log sources can be connected within a few hours, while on-premises sources might take a bit longer. Generally, onboarding is completed within a few weeks."}},"references_section":{"subheadline":"References","headline_1":"Companies with","headline_2":"strong cyber defense"},"animated_progress_section":{"subheadline":"Your path to SOC operations","headline_1":"Streamlined processes ensure","headline_2":"rapid deployment","animated_item_1":{"headline":"Decision Making","description":"We clarify open questions, align with stakeholders, define requirements, and create a final offer."},"animated_item_2":{"headline":"Onboarding","description":"We select resources, activate the Incident Retainer, and take relevant steps for NIS2 Compliance."},"animated_item_3":{"headline":"Long-term Partnership","description":"Our SOC service is an experience. We go through service review meetings, optimize use cases, and adapt, configure to achieve the optimal result for you."},"animated_item_4":{"headline":"Schedule consultation"}},"whitepaper_section":{"subheadline":"Whitepaper","headline_1":"Security Operations Center","headline_2":"How we make the cyber world a little safer every day","description":"In this whitepaper you'll learn:","bulletpoint_1":"What's included in the SOC service and how it works","bulletpoint_2":"How security incidents can be professionally and legally managed with integrated incident management","bulletpoint_3":"How efficient and fast onboarding leads to a successful partnership","button_text":"Download Whitepaper","pdf_description":"Security Operations Center: How we make the cyber world a little safer every day!","download_button_text":"The Ultimate Guide for SOC and MDR"}},"mdr":{"stage":{"subheadline":"Make it Managed","headline_1":"Managed Detection &","headline_2":"Response Service","description":"You have security systems in place but lack the time to analyze and interpret all events? Then make it managed. We deliver the MDR service with Incident Response Management right to your door."},"cyber_icon_card_1":{"title":"Around the Clock","description":"Cybercriminals don't know core working hours, which is why an MDR service must be offered 24/7."},"cyber_icon_card_2":{"title":"Incident Handling","description":"Our MDR service includes comprehensive incident handling. We don't just stop at identification; we act quickly and goal-oriented."},"cyber_icon_card_3":{"title":"Quick Onboarding","description":"With our decision for Google SOAR technology, we can connect most log sources within a few hours. From this point on, our service promise is already running."},"real_game_changer_section":{"subheadline":"A Real Game Changer in Risk Management","headline_1":"Early Detection","headline_2":"of Cyber Threats","description":"The Early Detection of Cyber Threats is a real game changer in risk management. It provides a comprehensive overview of all security events and allows for quick and targeted action. With our MDR service, you can focus on your core business and leave the security to us."},"search_and_analysis_section":{"subheadline":"Search & Analyze a large amount of data","headline_1":"The Next Level","headline_2":"Google SecOps","description":"Technology is only one part of the MDR service, but not an insignificant one, as it's about efficiency. If a company is known for processing, correlating, and analyzing large amounts of data – it's Google. Google fills this home turf with tools that are used by our SOC."},"quotation_card":{"quotation":"On average, attackers remain in the network for 180 days before deploying ransomware."},"our_analysts_take_over_section":{"subheadline":"Detect and Respond to Anomalies","headline_1":"Our Analysts","headline_2":"Take Over","description":"What we always integrate is our expertise in the form of our analysts. A high degree of automated processing is great, but it's exactly about the cases where normal playbooks don't work. That's when individual processing by the expert team with various specializations begins."},"faq_section":{"headline_1":"Frequently Asked Questions","faq_1":{"headline":"What is managed detection and response?","description":"The MDR service is a comprehensive security monitoring and response through specialists who detect threats, analyze incidents, and respond quickly to attacks."},"faq_2":{"headline":"What is the difference between EDR and MDR?","description":"EDR (Endpoint Detection and Response): Endpoint detection and response is a security service that monitors endpoints for signs of malware, suspicious activity, and other security threats."},"faq_3":{"headline":"Which log sources can be connected?","description_1":"Google has defined more than 800","description_2":"standard sources","description_3":"that can be connected. This list includes almost all renowned manufacturers as well as all common systems. All standard sources can be connected within a few hours."},"faq_4":{"headline":"What happens after an identified attack?","description":"When we detect an attack, we immediately start our incident response process. This means our CIRT assembles and immediately ensures that the damage is kept to a minimum. We not only cover forensics but also take over the entire management, advise on crisis communication and legal aspects, and if necessary, directly handle the recovery."}}},"soc_cyber_insurance":{"stage":{"subheadline":"Insured instead of excluded.","headline_1":"Managed SOC +","headline_2":"Cyberinsurance","description":"Cyberinsurance is an important building block of holistic Business Resilience. However, getting them is often difficult and not easy, because the barriers are large. Long risk dialogues, exclusion criteria, insurance exclusions. We shorten it: With us, the Cyberinsurance is now an integral part of the Managed SOC. Without risk dialogue. Sounds exciting?"},"intro_section":{"subheadline":"Insurance as an integral part","headline_1":"So becomes Cyber- to Business-Resilience","cyber_icon_card_1":{"title":"Technical Resilience","description":"Quick reaction through real-time detection by the Managed SOC. Early detection is the decisive factor in reducing damage."},"cyber_icon_card_2":{"title":"Financial Resilience","description":"Insurance protection for financial damage as well as the assumption of service provider costs and much more. So becomes unpredictable - predictable."},"cyber_icon_card_3":{"title":"Organizational Resilience","description":"Clear processes and the guaranteed availability of interdisciplinary expert teams ensure an efficient and error-free processing of security incidents."}},"module_1":{"subheadline":"Module 1:","headline_1":"Full-value","headline_2":"Managed SOC","description":"A SOC is not just a SOC. Our SOC claims completeness. This means that for us, SIEM and SOAR technology as well as an integrated vulnerability scanner are part of the standard equipment. We insist on Incident Response, comprehensive Threat-Intelligence, Incident Drills, Customer Success Management and Custom Detections. Our SOC leaves no wishes and especially no doors open for cybercriminals. We correlate, analyze and react based on clear processes. With our Managed Security Operations Center, attacks are detected and resolved early. More information is available on the service page. ","buttonText":"MANAGED SOC"},"module_2":{"subheadline":"Module 2:","headline_1":"The Essence of","headline_2":"Cyberinsurance","description":"The second module is an integrated cyberinsurance. This cyberinsurance covers, among other things, own damage such as data loss or restoration costs, forensic analyses as well as crisis management and accompanying crisis communication, protection against cyber extortion, reputation protection, the assumption of legal costs and outages of IT service providers. This ensures that in a security incident, all important components are covered and the production can be started as quickly as possible. More information on the topic of cyberinsurance can be found here.","buttonText":"CYBERINSURANCE"},"no_risk_section":{"headline_1":"Without Risk Dialogue","headline_2":"Insured","description":"With our bundle, we solve the biggest barriers on the way to cyberinsurance. No general exclusions, no risk dialogue. Together with our partner DUAL Insurance, we have developed the cyberinsurance so that our Managed SOC is sufficient as proof of strong resilience. So we can offer the cyberinsurance as an integral part. No long processes. No exclusion. Simply insured. So the security goes up - and the risk goes down. "},"faq_section":{"headline_1":"Frequently Asked Questions","faq_1":{"headline":"I have already have insurance - what now?","description_1":"We often hear this. In this case, the existing cyberinsurance is checked and the need and design are analyzed. And no problem, the Managed SOC can be used separately at first. It can be determined whether the current insurer considers technical protection measures such as the SOC in the contract. Alternatively, a transparent consultation is offered on a possible change. In many cases, the combination of the contribution can be reduced or the scope of protection improved. An existing cyberinsurance is in no case a show-stopper for the SOC project."},"faq_2":{"headline":"Is it not better to keep both separately?","description_1":"Theoretically yes - practically no. The bundling not only saves costs and coordination effort, but also allows an optimally coordinated security strategy. The close interconnection of both components results in advantages such as:","bulletpoint_1":"faster incident response","bulletpoint_2":"uniform communication in the event of a security incident","bulletpoint_3":"and more efficient regulation through reduced complexity","description_2":"In short: everything from one hand - without friction losses."},"faq_3":{"headline":"For which companies is the bundle suitable?","description_1":"The package is particularly aimed at small and medium-sized companies that neither have their own security personnel nor a comprehensive cyber strategy. It is particularly suitable for industries with sensitive data or IT-based processes - from the manufacturing industry to the healthcare sector."},"faq_4":{"headline":"What exactly is included in the bundle?","description_1":"The bundle combines technical defense and financial protection: The Managed SOC (Security Operations Center) monitors systems around the clock and detects cyber threats early. The integrated cyberinsurance protects companies financially in the event of a security incident, for example through ransomware, data loss, or business disruption."},"faq_5":{"headline":"What damages does the cyberinsurance cover?","description_1":"We know of no log source that we have not been able to connect yet. We also clearly state that it makes sense to be selective with log sources. Common cloud log sources can be connected within a few hours, while on-premises sources may take a bit longer. Generally, onboarding is completed within a few weeks."}},"references_section":{"subheadline":"References","headline_1":"Companies with","headline_2":"strong cyber defense"},"whitepaper_section":{"subheadline":"Whitepaper","headline_1":"Cyber-Resilience becomes","headline_2":"Business-Resilience","description":"In this whitepaper you will learn:","bulletpoint_1":"How a good cyber resilience affects the entire company","bulletpoint_2":"How a cyber insurance and a Managed SOC complement each other","bulletpoint_3":"Why we prefer an integrated cyber insurance approach","file_description":"SOC + Cyberinsurance Bundle in the company context"}},"defend":{"stage":{"subheadline":"CYBERSECURITY IS TEAMSPORT.","headline_1":"DEFEND","headline_2":"WHAT'S IMPORTANT TO YOU.","description_1":"What's important to you should be defended. Whether it's your own family, your own goal or the Achilles' heel of every company: the digital infrastructure.","description_2":"We are an official cybersecurity partner of Borussia Mönchengladbach. Defense is in our DNA. We ensure that digital infrastructures withstand every attack, regardless of industry, country or framework conditions.","button_text":"Read Success Story","button_text_2":"Watch Video"},"key_section":{"headline_1":"The Key?","headline_2":"Early Detection.","description_1":"Just as in football, it's about anticipating attacks before they even happen. At this sensitive point, we make the right decisions and prevent damage before it occurs.","description_2":"As part of our campaign “Defend what's important to you,” we talked to players from Borussia Mönchengladbach about what it actually means to defend. Often, defenders operate in the shadows, remain under the radar, even though they are essential for the game.","description_3":"What do Nico Elvedi, Stefan Lainer, Julian Weigl and Rocco Reitz have to say about it?","image_description":"Nico Elvedi, Stefan Lainer, Julian Weigl and Rocco Reitz"},"videos_section":{"headline_1":"FOUR PERSPECTIVES.","headline_2":"ONE GOAL: DEFEND.","elvedi":{"title":"RELAXATION. OVERVIEW. ANTICIPATION","description":"Nico Elvedi about what a defender cannot train.","bulletpoint_1":" What makes a good defender? {'\n'} „A good defender must know what the opponent is planning.“","bulletpoint_2":"What's special about defending for you? {'\n'} „It's like a puzzle. If I'm in the right place, there's no need for a duel.“","bulletpoint_3":"How exactly do you analyze the opponent's combination? {'\n'} „I analyze running paths, body language and ball position.“"},"lainer":{"title":"ENERGIE. WILLE. TIMING","description":"Stefan Lainer about the motivation behind every sprint.","bulletpoint_1":"What does a perfect duel look like for you? {'\n'} „I want the opponent to have no fun.“","bulletpoint_2":"What's special about defending for you? {'\n'} „Clear, clean, but you have to show that you're there.“"},"reitz":{"title":"RESPONSIBILITY. USE. LOYALTY.","description":"Rocco Reitz about the often invisible backbone of a functioning game.","bulletpoint_1":"Is defending actually valued enough? {'\n'} „Often not, but without defensive balance, no one wins.“","bulletpoint_2":"What does it mean to you to defend your own goal? {'\n'} „You give everything because everything collapses when you don't.“"},"weigl":{"title":"ANALYSIS. CONTROL. PRECISION.","description":" Julian Weigl about opponent reading, decision pressure and what preparation really means.","bulletpoint_1":"How do you prepare for an attacker? {'\n'} „I have to know what he thinks and when he hesitates.“"}},"company_section":{"headline_1":"How does defense look","headline_2":"in your company?","description_1":"Whether Bundesliga club or medium-sized company: Whoever carries responsibility must be able to defend - before something happens.","description_2":"Cyber attacks today no longer only affect large companies, but every industry, every size, every moment. If the digital Achilles' heel remains unprotected, the damage is often irreversible. {'\n'} If you know what's at stake, don't wait for the first opponent goal."}},"vulnerability_management":{"stage":{"subheadline":"Know your vulnerabilities - before others exploit them","headline_1":"Vulnerability","headline_2":"Management","description":"In a world where cyber attacks are becoming increasingly complex, it's more important than ever to know your vulnerabilities. With our vulnerability management service, we identify, assess, and report on security vulnerabilities. We use Qualys or Tenable for analysis, create a report, and provide recommendations."},"sustained_vulnerability_management_section":{"subheadline":"Sustainability is crucial","headline_1":"We are","headline_2":"your partner","description":"We are your partner in the fight against cyber threats. We identify, assess, and report on security vulnerabilities. We use Qualys or Tenable for analysis, create a report, and provide recommendations."},"process_and_implementation_section":{"subheadline":"Process and Implementation","headline_1":"Quick Integration","headline_2":"for fast results","description":"As part of the VM Service, a software agent is installed on all supported and contractually agreed systems by the client, which collects local telemetry data and forwards it to the management system. The management system compares the received data with known vulnerabilities and also registers changes in update status. For sources that cannot be scanned via software agent (e.g., firewalls), a network scanner can optionally be implemented."},"all_inclusive_section":{"subheadline":"All Inclusive","headline_1":"Our Services","headline_2":"Your Security","description":"Our service includes the following activities:","bulletpoint_1":"Administration of VM Platform","bulletpoint_2":"Acceptance and processing of change requests","bulletpoint_3":"Patch and update management of the platform","bulletpoint_4":"License management","bulletpoint_5":"ON and OFF-boarding of data sources (optional)","bulletpoint_6":"Scanning sources for vulnerabilities","bulletpoint_7":"Alerting about currently relevant vulnerabilities","bulletpoint_8":"Standard Reporting"}},"respond":{"stage":{"headline_1":"Respond","headline_2":"Efficient Response to Cyber Attacks","description":"Our response strategies aim to eliminate threats and ensure the recovery of your systems. Learn how we effectively respond in emergencies to minimize damage and ensure your business continuity. Discover how our response expertise can support you in times of crisis."},"service_navigation_card_1":{"description":"We typically respond to incidents and suspicious cases within minutes, carefully reviewing each report and selecting the appropriate strategy.","button_text":"Safeguard"},"service_navigation_card_2":{"description":"Our Incident Response Service helps manage security incidents, from initial response to secure restoration of business operations.","button_text":"Incident Response Management"},"service_navigation_card_3":{"description":"The Incident Response Plan provides structured guidance for efficiently handling cyber incidents and defining security incidents.","button_text":"Security Incident Response"},"service_navigation_card_4":{"description":"Emergency plans are only useful when tested. Regular crisis exercises using the table-top method verify if the plans actually work.","button_text":"Incident Drill"}},"incident_response_retainer_safeguard":{"stage":{"subheadline":"Get your personal SafeGuard","headline_1":"Our Incident Response Retainer -","headline_2":"Your SafeGuard","description":"Our SafeGuard is like an airbag: In case of emergency, you land softly and have an experienced team of experts right by your side. When handling incidents, it's crucial to make the right decisions quickly. Together, we efficiently manage the incident and return to normal operations promptly. Our SafeGuard is much more than just a service level agreement."},"info_card_section":{"subheadline":"These questions are better asked before an incident","headline_1":"This really hurts:","cyber_icon_card_1":{"title":"Who supports me in an emergency?","description":"When handling security incidents, the following things are crucial: Speed, expertise, and experience. If the search for a service provider only begins when the emergency occurs, time is lost and under pressure, no adequate evaluation can take place."},"cyber_icon_card_2":{"title":"What do I need to consider?","description":"Better approach: Having practiced the emergency scenario. Cyber crisis exercises should be on every C-level agenda. This not only ensures quick response times but also strengthens the resilience of the team and systems."},"cyber_icon_card_3":{"title":"Is this even an emergency?","description":"There's no joking when it comes to anomalies in network or infrastructure. Better to check once too often than too little. If it's not defined when an emergency exists and where to report it, early indicators might be overlooked."}},"cyber_attack_section":{"subheadline":"Cyberattack - what now?","headline_1":"The fastest retainer in the industry","description":"We know that every minute counts in an incident. That's why we typically respond within minutes. This ensures a swift reaction. This service level agreement also applies to suspected cases - we examine every report with the same diligence and then decide which strategy is right. Furthermore, we practice emergency scenarios together and check the infrastructure - regularly."},"quotation_card":{"quotation":"Thanks to suresecure GmbH's SafeGuard, during our security incident, we had an entire team of experts available within hours and a plan for how to approach the project."},"preparation_section":{"subheadline":"Preparation is a key factor","headline_1":"We provide the","headline_2":"Full-Service Retainer","description":"It's often forgotten that a security incident is a company crisis. Crises often involve chaos, and with cross-cutting issues, many departments must contribute. The following workstreams are included in our Incident Framework and run in parallel:","bulletpoint_1":"Incident Response Management: Control, Coordination, and Organization","bulletpoint_2":"Communication: Target group-specific communication strategy","bulletpoint_3":"Legal: Consideration of reporting chains and authority management","bulletpoint_4":"Forensics: Cyber Kill Chain preparation & in-depth analysis","bulletpoint_5":"Containment: Minimization of potential damages","bulletpoint_6":"Disaster Plan: Prioritization of reconstruction","bulletpoint_7":"Recovery: Rebuilding of systems/infrastructure"},"it_doesnt_always_have_to_be_full_encryption_section":{"subheadline":"It doesn't always have to be full encryption","headline_1":"Check critical events immediately","description":"Our retainer offers you the possibility of reassurance. Therefore, it's better to contact our expert team once too often than too little. We examine critical events in detail and provide you with a cyber kill chain."}},"incident_response_management":{"stage":{"subheadline":"Experience Makes the Difference","headline_1":"Incident Response","headline_2":"Management","description":"Managing incidents efficiently requires extensive experience. During a crisis, a company is typically difficult to manage. Especially during security incidents, many departments want to enforce their own priorities. That's why it's important to have a central Incident Manager who holds the reins and coordinates the different units through the relevant phases."},"incident_response_management_section":{"subheadline":"Incident Response Management","headline_1":"Handle Security","headline_2":"Incidents","description_1":"With our Incident Response Service, we support you in managing security incidents. From initial response through establishing emergency operations to secure restoration of all business operations.","description_2":"We maintain constant close coordination with departments, IT, and company management to ensure sustainable reconstruction. We handle the crisis situation holistically - from internal and external crisis communication to ensuring compliance with reporting obligations, legal and criminal aspects, and court-admissible forensics."},"it_emergency_support_card":{"title":"IT Emergency Support","description":"If you notice a security incident, don't hesitate. Contact our IT Emergency Support team for immediate assistance."},"faq_section":{"subheadline":"Comprehensive Services","headline_1":"We support:","headline_2":"Before, During & After","description":"For a Security Operation Center to generate the desired output, certain features are needed. Here's a brief explanation:","faq_1":{"headline":"Incident Response Management Plan","description_1":"This IRMP describes the technical and organizational handling of cyber security incidents in a structured way. The IRMP ensures that security incidents can be responded to quickly, appropriately, and comprehensively. It contains a highly individualized procedure model that will be precisely tailored to your IT environment and organizational structure. Based on an analysis, we jointly establish organizational and technical measures, create communication guidelines, and design a suitable Incident Response model. An IRMP is like drawing an emergency map for your company - but in the digital realm. If an incident occurs, countermeasures can be initiated immediately. This can make the difference between \"operational disruption\" and \"operational failure\" and, consequently, the preservation of the employees' and the entire operation's existence.","subheadline":"An IRMP consists of six phases:","bulletpoint_1_bold":"Phase 1: Preparation","bulletpoint_1_text":"Organizational matters, security measures, team building, definition and handling of security incidents, alert paths and processes.","bulletpoint_2_bold":"Phase 2: Identification","bulletpoint_2_text":"Detection of critical events, classification of security incidents, scope and impact of security incidents.","bulletpoint_3_bold":"Phase 3: Containment and Investigation","bulletpoint_3_text":"Containment measures, planning for data collection and evidence preservation, documentation.","bulletpoint_4_bold":"Phase 4: Elimination","bulletpoint_4_text":"Removal of malware, elimination of entry points and vulnerabilities.","bulletpoint_5_bold":"Phase 5: Recovery","bulletpoint_5_text":"Recovery planning considering business continuity, application of proven methods","bulletpoint_6_bold":"Phase 6: Post-Incident","bulletpoint_6_text":"Analysis and improvement processes, evaluation of effectiveness and updating of all measures","description_2":"In addition to the Incident Response Management Plan, we create additional documents to facilitate working with the Incident Response Management Plan:","bulletpoint_7_bold":"Quick Guide:","bulletpoint_7_text":"Describes the steps to be taken in case of a security incident in a clear and logical temporal sequence.","bulletpoint_8_bold":"RACI Matrix:","bulletpoint_8_text":"Describes tasks, activities, responsibilities, and information flows and assigns them to relevant roles and functions.","bulletpoint_9_bold":"Recovery Plan:","bulletpoint_9_text":"Contains a proposed, proven structure of all information relevant to recovery planning.","description_3":"Our IRMP helps prioritize and coordinate necessary tasks. It is both the foundation and the most important tool."},"faq_2":{"headline":"Safeguard","description_1":"In a cyber incident, it's not just about doing the right things, but about taking the necessary measures quickly, effectively, and efficiently. With the SafeGuard service contract, you secure experienced professional staff who will be active within 2 hours and will immediately assemble an interdisciplinary team that represents our entire IR Framework. You will receive a manager-on-duty dial-in that is available 24/7 for you. This means you can immediately discuss any critical events with one of our managers - it doesn't have to be a security incident.","description_2":"This ensures that reputational and monetary damages are minimized and you can quickly resume your IT operations.","description_3":"The service contract guarantees the following:","subheadline":"Services from our IR Framework:","bulletpoint_1":"Incident Management","bulletpoint_2":"Gerichtsverwertbare Forensikt","bulletpoint_3":"Juristische Beratung","bulletpoint_4":"Recovery of the IT infrastructure","bulletpoint_5":"IT Security Consulting","bulletpoint_6":"Crisis and Communication Management","subheadline_2":"The service contract guarantees the following:","bulletpoint_7":"Dedicated Incident Manager","bulletpoint_8":"Ad-Hoc Access to Our CIRT","bulletpoint_9":"Response time within 2 hours","bulletpoint_10":"24x7 On-Call","bulletpoint_11":"Reduced Workload","bulletpoint_12":"Interdisciplinary Support by IR Framework","bulletpoint_13":"Exclusive Manager on Duty Hotline"},"faq_3":{"headline":"Emergency Help","description_1":"You have noticed a critical cyber attack and need assistance with mitigation? We are very experienced in this area and have all the necessary skills. We handle your incident in 5 phases. Each phase should not be skipped under any circumstances to exclude the attacker from gaining access to the systems again. A security incident in the cyber realm is a serious crisis situation. Stress and pressure should not lead to blind action. We support you in prioritizing the right things at the right time.","description_2":"We identify the starting point and generate insights about the scope of the attack, affected systems, and much more. Then we isolate the affected network areas to prevent further spread and thereby reduce the risk of a new infection. We clean the isolated areas and then restore systems and devices. Afterwards, we recommend a joint review of the incident and create action recommendations to secure your processes."}},"references_section":{"subheadline":"References","headline_1":"Our Customers","headline_2":"are our Partners"},"quotation_card":{"quotation":"We have found an excellent partner and advisor in suresecure, with whom we will continue to expand and improve our solution in the future."}},"incident_response_plan":{"stage":{"subheadline":"Security incident is a race against time","headline_1":"Incident Response Plan","headline_2":"quickly back to normal operations","description":"The race starts with the identification of a security incident. An incident always costs money, but the question is how severe will the impact be? The financial consequences in terms of revenue loss and other factors can be contained with proper behavior. An Incident Response Plan ensures structured and efficient processing."},"carousel_section":{"subheadline":"These questions are better asked before an incident","headline_1":"Why is a plan so important?","carousel_item_1":{"headline":"Where do authorities and responsibilities lie?","description":"The core task of a defined crisis team: Clear definition of responsibilities. This point alone saves valuable time in coordination and organization."},"carousel_item_2":{"headline":"How can we prevent spread?","description":"Is there network segmentation to isolate infected systems? When this is known and implemented, this point can save millions of euros in damage."},"carousel_item_3":{"headline":"What are the critical business processes?","description":"This question is fundamental for returning to normal operations. Which systems need to be restored with priority to become productive? This list is enormously valuable in every incident handling."},"carousel_item_4":{"headline":"What IT applications are needed for this?","description":"When I know the critical processes, I also know which IT applications are necessary for these processes to run? This quickly leads to prioritization and a clear roadmap for recovery."},"carousel_item_5":{"headline":"How do we communicate with which target group?","description":"In the worst case, both external and internal stakeholders immediately notice that something is wrong. Planning and managing this communication with press, board members, employees, and social media is a task not to be underestimated."}},"using_time_efficiently_section":{"subheadline":"Using time efficiently","headline_1":"The race begins with a set procedure","description":"The Incident Response Plan forms the framework for structured and efficient processing of a Cyber-Incident. This framework is detailed and provides guidance on when a Security Incident is likely to occur.","bulletpoint_1":"It ensures technical and organizational preparation","bulletpoint_2":"It ensures timely, appropriate, and comprehensive action","bulletpoint_3":"It enables prioritization and coordination of tasks"},"quotation_card":{"quotation":"The financial consequences of restoring after a security incident can range from days to weeks - millions of euros!"},"thinking_through_and_developing_phases_section":{"subheadline":"Thinking through and developing phases","headline_1":"International standards: Yes -","headline_2":"Standard report: No","description":"Our Incident Response Plans are based on international standards. These form the basis. Within this framework, we enrich our knowledge with Best Practices and our experience from the field. We are not just big theorists, but doers. So we develop the content for all relevant phases - suresecure-like:","bulletpoint_1":"Preparation","bulletpoint_2":"Identification","bulletpoint_3":"Containment","bulletpoint_4":"Eradiction","bulletpoint_5":"Recovery","bulletpoint_6":"Lessons Learned"},"faq_section":{"subheadline":"Concrete Steps","headline_1":"In 3 Phases to the IRP","faq_1":{"headline":"Phase 1: Setup & Preparation","bulletpoint_1":"Define scope & framework conditions","bulletpoint_2":"Document review, current state analysis & detailed project plan","bulletpoint_3":"Project communication to stakeholders and project participants","bulletpoint_4":"Collection & mapping of critical assets"},"faq_2":{"headline":"Phase 2: Content Creation","bulletpoint_1":"Creation of the Incident Response Strategy and Analysis of potential damage scenarios","bulletpoint_2":"Definition of reporting and escalation paths, containment measures, and playbooks","bulletpoint_3":"Definition of communication strategies, principles, and reporting obligations","bulletpoint_4":"Establishment of principles for forensic analysis & evidence preservation"},"faq_3":{"headline":"Phase 3: Completion & Acceptance","bulletpoint_1":"Creation of the IRMP framework","bulletpoint_2":"Creation of Quick Guide, RACI Matrix, and Mini-Business Impact Analysis","bulletpoint_3":"Creation of a detailed recovery plan","bulletpoint_4":"Building/Improving the KVP through procedures for incident aftermath"}}},"incident_drill":{"stage":{"subheadline":"We test emergency plans for suitability","headline_1":"Incident Drill","headline_2":"feel the crisis","description":"Experience shows that untested emergency plans are only partially useful. The crisis must be rehearsed to verify if what is written actually works. Documentation is only the first step. That's why we offer you the opportunity to test your emergency plan in a crisis exercise."},"security_incident_section":{"subheadline":"Security incident testing is tailored to target groups","headline_1":"We cluster two areas","cyber_icon_card_1":{"title":"Technical Crisis Exercise","description":"We challenge IT teams and practice the worst-case scenario with relevant stakeholders."},"cyber_icon_card_2":{"title":"Organizational Crisis Exercise","description":"Crisis team - please assemble. We have a full encryption situation. How do we proceed?"}},"it_doesnt_always_have_to_be_full_encryption_section":{"subheadline":"It doesn't always have to be full encryption","headline_1":"Immediately check critical events","description":"Our retainer offers you the possibility of reassurance. Therefore, it's better to contact our expert team once too often than too little. We examine critical events in detail and compile a final report through the analyzed artifacts. This transparently documents exactly what happened and the resolution of the alert. Our Incident Retainer comes in two variants:"},"hello_team_section":{"subheadline":"Hello, IT Team","headline_1":"Technical","headline_2":"Crisis Exercise","description":"Of course, we begin with a detailed preliminary discussion where we coordinate the scenario and all relevant details with IT management. In this context, there is the possibility to adjust the scope or design specific exercise aspects according to your individual requirements. The topic areas can be focused on alerting, reporting, forensics, log-collecting, or defined differently. The scope is defined together."},"the_crisis_team_meets_section":{"subheadline":"The Crisis Team Meets","headline_1":"Organizational","headline_2":"Crisis Exercise","description":"The organizational crisis exercise for the crisis team aims to improve the response capability and cooperation of the crisis team in a scenario of a serious IT security incident. Participants should learn effective action in such situations and identify weaknesses within the organization. Here we outline a detailed crisis scenario. Participants are introduced to this scenario and must deal with questions from real incidents. Topics include emergency operations, communication, legal aspects, or emergency plans."},"this_is_how_we_achieve_sustainable_development_section":{"subheadline":"This is how we achieve sustainable development","headline_1":"Lessons Learned –","headline_2":"in both cases","description":"After the crisis exercises, we conduct detailed lessons learned meetings. Here, the results are thoroughly discussed, insights are gathered, and recommendations for future measures are derived for the company. Our goal is to improve IT security and the company's incident response capabilities, prepare for possible crisis situations, and uncover current vulnerabilities."},"faq_section":{"subheadline":"Frequently Asked Questions","faq_1":{"headline":"What is an incident drill?","description":"Emergency plans are great, but their application often occurs when it's too late. That's why practicing them is so important. It's not just about practicing processes and different roles; the entire plan is also checked for currentness alongside."},"faq_2":{"headline":"How often should Incident Drills be conducted?","description":"We recommend annual implementation. This is the only way we can ensure that the plans are always up to date."},"faq_3":{"headline":"Is an emergency plan absolutely necessary?","description":"It's not absolutely necessary, but we clearly recommend having one. It doesn't need to be 40 pages long. It should meet the requirement that the most important roles, responsibilities, and processes are properly documented. Because these points are the biggest time consumers in an incident."}}},"our_dna":{"stage":{"subheadline":"Corporate Mission Statement","headline_1":"We are","headline_2":"suresecure.","description":"Our goal is to create a place where work and life fit together perfectly. For us, this means that work is oriented around life, not the other way around. This place is characterized by a clear value system, allowing everyone to develop freely. Only this way can we make the digital world a little safer every day.","button_text":"Get to know us"}},"partners":{"subheadline":"Customers are Partners","headline_1":"With us, customers become","headline_2":"partners","description":"We believe that only partnership-based business relationships are sustainable. A good partnership is based on trust. With our trust culture, we lay the foundation for partnership relationships with all stakeholders. We are incredibly proud that with this approach, we have already been able to gain many references.","partners_section":{"subheadline":"Partners","headline_1":"We believe in","headline_2":"strong partnerships","description":"As a consulting company within IT security, one thing is particularly important to us: Comprehensive, honest, and transparent consulting. You give us your trust, we thank you with a special partnership. Let us convince you and read about successful projects that we have published as success stories with some of our partners."},"our_network":{"subheadline":"Our Network","headline_1":"Cooperations and","headline_2":"Partnerships","description":"Cooperations and additional partnerships are part of it. We are very happy about the long-standing, good relationships and are always willing to enter into meaningful new cooperations."}},"careers":{"stage":{"subheadline":"Career","headline_1":"Become Part","headline_2":"of a Vision","description_1":"Are you looking for a job that makes you jump out of bed in the morning with excitement for the day? Does personal responsibility, a strong team, and hunger for shared success sound good to you? We are special and so are you. Let's shape the future together.","description_2":"We offer numerous benefits that support you in bringing your full passion to our mission and creating the workplace that fits your needs. You can find all benefits on this page, feel free to look around.","button_text":"Current Job Openings"},"your_security_operations_center_section":{"subheadline":"Your Security Operations Center","headline_1":"Passion Drives Us","description_1":"We have set ourselves the goal of making the digital world a secure place. We are not just any consulting company, but we support medium to large companies and organizations in optimally setting up, securing, and operating their IT infrastructures, data assets, and critical business processes. Our aspiration is to become the primary contact for all security topics - your security operations center. This is only possible as a high-quality service provider. And that's exactly what we are.","image_description_1":"Our quality consciousness knows no bounds. Driven by our values","image_description_1_bold":"Partnership, Courage, Trust, Respect, Flexibility","image_description_2":"and especially","image_description_2_bold":"Passion","image_description_3":", it is our own aspiration to deliver the best possible performance for our partners and do everything in our power against cyber attacks.","image_description_4":"As a service provider, we not only solve complex security incidents, but we primarily protect companies from successful cyber attacks. With our Cyber Defence Center, we detect attacks very early and can take appropriate measures accordingly. As a Securian, you're on the right side. Come into the world of cybersecurity and discover what it means not just to secure systems or data. We secure companies, workplaces, and thus a crucial foundation of society."},"our_definition_of_new_work_section":{"subheadline_1":"Our Definition of","subheadline_2":"New Work","headline_1":"Above-Average Compensation","description_1":"We pay performance and market-oriented salaries. We align with transparent benchmark values. Our credo: Top-of-the-market salaries for everyone.","headline_2":"True Remote Work","description_2":"You'll receive the equipment from us. Where and when you work doesn't matter to us. We focus on results, not presence.","headline_3":"Unlimited Vacation Days","description_3":"It sounds funny, but it's true. We trust you already in terms of working hours and extend this trust to the area of vacation.","headline_4":"True Hybrid-Office","description_4":"Did the ceiling fall on your head at home? No problem: Simply use rented co-working spaces.","headline_5":"Individual Further Education","description_5":"It has to be, because the demand is individual. Whether training, coaching, or seminar - all employees are expected to complete a further education every year.","headline_6":"Classic Benefits","description_6":"– there's also: Company pension, team events, uncomplicated vacation planning, etc.","headline_7":"Team Spirit","description_7":"You work in an expert team and find the highest level of motivation and passion in all business units. Everyone here wants to make the digital world safer.","headline_8":"Spaces","description_8":"You can achieve everything and nothing here. It's all up to you. We offer you the space and the opportunity to actively shape the company - every idea finds a place and ear. Our credo is: Diversity leads to success."},"quotation_card":{"quotation":"As a Securian, you have one of the top 10 jobs in Germany. You can't get more trust or responsibility, you can't have more personal responsibility, you can't go beyond your current mental boundaries if you're willing to do so. Don't you believe it? Then call me."},"open_positions_section":{"clear_all_filters":"Clear All Filters"}},"aktuelles":{"headline":"News","subheadline":"Always up to date with cybersecurity","read_more":"Read More"},"press_area":{"error_loading":"Error loading press releases.","tag":"Press","no_releases":"No press releases available."},"podcast":{"subheadline":"Cybersecurity Basement","headline_1":"The Podcast","headline_2":"for real","headline_3":"security content","description_1":"In our podcast, Michael Döhmen talks with exciting guests about cybersecurity topics every 14 days. We place great emphasis on objectivity. No suresecure feature-fucking, but rather a serious, authentic, and honest exchange of theory and practice.","description_2":"The podcast is aimed at IT and security decision-makers and anyone who wants to become one. There's no blabla here, just security as a craft. Honest and straightforward. The protagonists translate security into business language and vice versa.","description_3":"Guests are also invited to capture different perspectives or customer voices. This brings even more practical insights, and the podcast stays on eye level with its target audience.","subscribe_and_listen":"Subscribe now & listen everywhere","all":"All","episodes":"Episodes"},"downloads":{"subheadline":"Always up to date with cybersecurity","publications":"Publications","success_stories":"Success Stories","download_item":"Download {slug}","company":"Company","receive_content":"I would like to receive the content asset mentioned above and be informed about other IT security topics."},"header":{"services":"Services","services_dropdown":{"prevent":{"headline":"Prevent","cyber_audit":"Cyber Audit","cyber_insurance":"Cyber Insurance","ot_security":"OT Security","professional_services":"Professional Services"},"detect":{"headline":"Detect","mdr":"Managed Detection & Response","soc_cyber_insurance":"SOC + Cyber Insurance","soc_for_it":"Managed SOC","soc_for_ot":"Managed SOC for OT","vulnerability_management":"Vulnerability Management"},"respond":{"headline":"Respond","incident_response_retainer_safeguard":"Incident Response Retainer - SafeGuard","incident_response_management":"Incident Response Management","incident_response_plan":"Incident Response Plan","incident_drill":"Incident Drill"}},"about_us":"About Us","about_us_dropdown":{"headline":"About Us","our_dna":"Our DNA","partners":"Partners","careers":"Careers"},"news":"News","news_dropdown":{"headline":"News","press_area":"Press Area","podcast":"Podcast","downloads":"Downloads","knowledge_base":"Knowledge-Base"}},"knowledge_base":{"description_1":"Welcome in the Knowledge-Area of suresecure GmbH. Here we create clarity about terms, attack methods and above all abbreviations. Besides the pure definition, we also provide insights into possible use cases or possible protective measures. Let us know if something is missing. Otherwise, have fun browsing. A mail to {mail}"},"imprint":{"headline":"Legal Notice","company":{"name":"suresecure Europe ltd.","address":"OYIA Building Level 0 \nCross Road Marsa MRS1574","contact":{"phone":"Phone","fax":"Fax","email":"Email"},"details":{"headquarters":"Company Headquarters: Düsseldorf","registration_court":"Registration Court: District Court Düsseldorf","registration_number":"Registration Number: HRB 95958","managing_directors":"Managing directors: Andreas Papadaniil, Jona Ridderskamp","tax_number":"Tax registration No.: 972 230 424","vat_id":"VAT ID: MT3138-0425","commercial_register":"Commercial register No.: C 109781"}},"press_contact":{"title":"Press Contact","description":"Please direct press inquiries via email to:"},"responsibility":{"title":"Scope of Responsibility","description":"This legal notice applies exclusively to the internet presence at the address:"},"liability":{"title":"Liability Notice","description_1":"Despite careful content control, we assume no liability for the content of external links. The operators of the linked pages are solely responsible for their content. All information on this internet presence has been carefully prepared. Nevertheless, content may be incorrect or incomplete. No liability is assumed for any damages or other disadvantages that may arise from the use of the information presented here.","description_2":"According to § 28 BDSG, we expressly object to any use and disclosure of our data without explicit permission.","description_3":"Should parts of these notices not comply with applicable law, the remaining parts shall remain unaffected."}},"whistleblower_system":{"subheadline":"01/2025","headline":"Whistleblower System","description_1":"Through our clear value system and our guidelines, it is transparent that we place great value on responsible behavior at suresecure GmbH. This can only be achieved if we adhere to the legal and ethical framework conditions. To meet this requirement, we would like to receive information about compliance-relevant misconduct.","description_2":"Therefore, we offer not only all employees, but also all third parties the possibility to report violations of laws and internal regulations. Confidentiality, anonymity, and data security are guaranteed. Each incoming report is carefully checked and violations are followed up. This not only meets our legal corporate obligations, but also provides opportunities to forward information about the protection of employees and the company.","description_3":"With clear processes, we want to make the reporting process as easy as possible and actively encourage misconduct without fear. All information on this can be found in the PDF.","download":"Download"},"privacy_policy":{"headline":"Privacy Policy","intro_paragraph":"We collect, process, and store personal data in accordance with the European General Data Protection Regulation. With this privacy notice, we inform you about data processing at suresecure GmbH within the scope of a contractual relationship or application process, as well as when using our website.","general_information":{"title":"A) General Information","contact":{"title":"1. Contact","responsible_party":"Responsible for processing your personal data is the Data Protection Officer of suresecure GmbH
suresecure GmbH, Industriestraße 2, 76131 Karlsruhe
Hausbroicher Str. 296d
47877 Willich
Email: datenschutz@suresecure.de
Phone: +49 (0) 2156 974 90 64","complaint_intro":"If you believe that processing of personal data by suresecure GmbH violates data protection regulations, you can contact the official Data Protection Officer of the State Commissioner:","state_commissioner_details":"State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
Kavalleriestraße 2-4
40213 Düsseldorf
Phone: 0211 / 38424-0
Fax: 0211 / 38424-10
Email: poststelle@ldi.nrw.de"},"rights_data_subject":{"title":"2. Rights of the Data Subject","paragraph":"According to Art. 15 GDPR, you have the right to obtain information about the personal data stored about you, including recipients and the planned storage period. If incorrect personal data is being processed, you have the right to request correction according to Art. 16 GDPR. If the legal requirements are met, you can request deletion or restriction of processing (Art. 17, 18, and 21 GDPR) or object to the processing (Art. 21 GDPR)."},"legal_basis":{"title":"3. Legal Basis","paragraph":"The legal basis for data processing is Art. 6 Abs. 1 S. 1 GDPR. Our legitimate interest in the data processing is based on the purposes listed in the following paragraphs. We do not use the collected data for purposes other than those listed."}},"contractual_relationship":{"title":"B) Data Processing within the Scope of a Contractual Relationship","purpose_legal_basis":{"title":"1. Purpose and Legal Basis of Processing","paragraph":"We collect and process your personal data, if necessary, to fulfill the contractual agreements we have entered into (Art. 6 Abs. 1 S.1 GDPR)."},"recipients":{"title":"2. Recipients of Personal Data","intro_paragraph":"Your personal data will not be disclosed to third parties for purposes other than those listed below:","disclosure_paragraph":"If this is necessary for the performance of a contract with you, your personal data will be disclosed to third parties. This includes the transfer to external companies (suppliers and service providers) we have commissioned to perform the contract. The transferred data may only be used for the purposes mentioned."},"transfer_third_countries":{"title":"3. Transfer of Data to Organizations in Third Countries","paragraph":"Data transfer to third countries (countries outside the European Economic Area - EER) only takes place if this is necessary for the performance of our contractual obligations or if you have given us your consent or if this is otherwise permitted by law. In this case, we take measures to ensure the security of your data, e.g. through contractual arrangements. We only transfer to recipients who ensure the security of your data in accordance with the GDPR for the transfer to third countries (Art. 44 to 49 GDPR)."},"storage_duration":{"title":"4. Duration of Storage of Your Personal Data","paragraph":"Your personal data is stored as long as necessary for the fulfillment of contractual obligations and compliance with statutory retention periods."}},"application_process":{"title":"C) Data Processing within the Scope of an Application Process","purpose_legal_basis":{"title":"1. Purpose and Legal Basis of Processing","paragraph":"In the selection process, we process your personal application data to the extent necessary to assess your suitability, qualification, and professional performance for the position you are applying for (Art. 33 Abs. 2 German Basic Law for the Federal Republic of Germany - GG)."},"voluntary_obligatory":{"title":"2. Voluntary or Obligatory Nature","paragraph":"For the performance of a legally compliant selection process - and thus in particular for the assessment of your suitability, qualification, and professional performance in relation to the position to be filled (Art. 33 Abs. 2 GG) - we need certain personal data about you. If you do not provide this personal data, we may not consider you for the position."},"recipients":{"title":"3. Recipients of Personal Data","paragraph":"Your personal application data will be received by the respective responsible persons and the management."},"storage_duration":{"title":"4. Duration of Storage of Your Personal Data","unsuccessful_paragraph":"If the application is unsuccessful, we will delete your personal application data six months after the rejection; application documents will be destroyed in this context.","successful_paragraph":"If the application is successful, we will include your personal application data in the personnel file to the extent necessary. The storage of documents in personnel files is subject to legal requirements."}},"website_processing":{"title":"D) Data Processing on This Website","collection_storage_purpose":{"title":"1. Collection and Storage of Personal Data and Purpose of Collection","access_paragraph":"When accessing our website, information is automatically sent to our server by the browser you are using. This information is temporarily stored in a so-called logfile.","collected_info_intro":"The following information is collected and stored without your consent:","list_item_ip":"IP address of the requesting computer","list_item_datetime":"Date and time of access","list_item_file_url":"Name and URL of the accessed file","list_item_referrer":"Website from which the access was made","list_item_browser_os":"Used browser and, if applicable, the operating system and name of your access provider","processing_purposes_intro":"These data are processed for the following purposes:","purpose_list_item_connection":"Ensuring smooth connection to our website","purpose_list_item_usability":"Ensuring comfortable use of our website","purpose_list_item_security_stability":"System security and stability analysis","purpose_list_item_admin":"Administrative purposes","ssl_tls_paragraph":"To protect the personal data you have transmitted to us, we use SSL/TLS encryption for our website."},"contact_form":{"title":"2. Data Collection and Processing when Using the Contact Form","paragraph1":"If you use our contact form, the data you submit will be collected and stored automatically. These personal data will only be used for the purpose of processing your request, for sending an offer, or for contact in case of follow-up questions.","paragraph2":"The legal basis for processing this data is Art. 6 Abs. 1 lit. a GDPR, if you have given us your consent to use the data specified in the form. The personal data transmitted via the contact form will be deleted after processing your request, unless there are legal retention periods. The personal data collected in the email logs for sending emails from the web environment will be anonymized after one day and deleted after 60 days."},"newsletter":{"title":"3. Data Collection and Processing when Receiving the Newsletter","paragraph1":"If you want to receive our newsletter, we need your email address and information to verify that you are the owner of the email address and agree to receiving the newsletter. To ensure a consent-based newsletter delivery, we use the so-called double-opt-in process.","paragraph2":"The newsletter software used is Newsletter2Go. Your data will be transmitted to the Sendinblue GmbH. Sendinblue is not allowed to sell your data and use it for purposes other than sending newsletters. Sendinblue is a German provider selected by us according to the requirements of the GDPR and the Federal Data Protection Act. You can find more information {here}.","paragraph3":"The storage of your email address serves the purpose of being able to send you the newsletter. We store your IP address and the time of registration and confirmation to be able to prove your registration lawfully and, if necessary, to clarify a possible misuse of your personal data. This also constitutes our legitimate interest.","paragraph4":"If you have given us your consent, the legal basis for processing the data is Art. 6 Abs.1 lit. a GDPR. If the processing is based on a legitimate interest on our part, the legal basis is Art. 6 Abs. 1 lit. f GDPR.","paragraph5":"These data will be deleted as soon as they are no longer necessary for the purposes mentioned. The storage is therefore carried out as long as you are subscribed to the newsletter. You can withdraw your consent to the storage of data, the email address, and their use for sending the newsletter at any time. You will find a corresponding unsubscribe link in each newsletter. Alternatively, you can contact us at any time via the contact options provided in the privacy policy and on the websites."},"cookies":{"title":"4. Cookies","paragraph1":"Cookies are small text files that are stored on your device when you access our website. They serve to make our website more user-friendly, efficient, and secure.","paragraph2":"The cookies used on our website are so-called \"session cookies\". The \"session-ID\" created by a session cookie allows different requests of your web browser to be assigned to the current session and to recognize your device when you return to our website. Session cookies are deleted when the current session ends.","paragraph3":"The use of cookies serves to ensure the proper operation of the website and the provision of basic functionalities for using the website. Our legitimate interest in these purposes is based on the processing of data. The legal basis for the use of cookies is Art. 6 Abs. 1 lit. f GDPR.","paragraph4":"You can control the acceptance or rejection of cookies in your browser settings or be informed in advance if cookies are to be stored. Your browser also offers the possibility to delete already set cookies.","paragraph5":"If cookies are deactivated, the functionality of the websites may be impaired. Further information can usually be found in the settings of your internet browser."},"google_analytics":{"title":"5. Web Analysis with \"Google Analytics\"","paragraph1":"This website uses the service \"Google Analytics\", which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The service uses \"cookies\" - text files that are stored on your device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.","paragraph2":"This website uses IP anonymization. The IP address of the users is shortened within the member states of the EU and the European Economic Area. Due to this shortening, the personal reference of your IP address is removed. In the framework of the agreement for the commission of data processing, which the website operators have concluded with the Google Inc., this company uses the collected information to create a usage analysis and to provide services associated with internet usage.","paragraph3":"You have the option to prevent the storage of cookies on your device by making the appropriate settings in your browser. It is not guaranteed that you can access all functions of this website without restrictions if your browser does not allow cookies.","paragraph4":"You can prevent the collection of information by cookies (including your IP address) by using a browser plugin. The following link leads you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de {here} you can find further information about data processing by the Google Inc."},"storage_duration":{"title":"7. Duration of Storage of Your Personal Data","paragraph":"Your personal data processed through our websites will be stored only as long as necessary for the performance of the respective processing. Furthermore, your personal data will be stored if statutory or contractual retention periods require this."}},"linkedin_insight":{"title":"6. Web Analytics and Conversion Tracking with the LinkedIn Insight Tag","paragraph1":"We use the conversion tracking tool “LinkedIn Insight Tag” provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”), on our website. The LinkedIn Insight Tag places a cookie in your web browser that enables the collection of, among other things, the following data:","paragraph2":"This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share any personally identifiable information with us but provides anonymized reports on website audience and ad performance instead.","paragraph3":"The collected data is also used for conversion tracking and target group creation (retargeting) in order to display targeted advertisements to visitors of our website on LinkedIn. The legal basis for the use of the LinkedIn Insight Tag is your consent in accordance with Art. 6 (1) (a) GDPR, provided you have granted it via our cookie banner. You may withdraw your consent at any time through the cookie settings.","paragraph4":"LinkedIn may also transfer data to the United States. For such transfers, the EU Standard Contractual Clauses (SCCs) apply as an appropriate safeguard pursuant to Articles 44 et seq. GDPR.","paragraph5":"For more information on LinkedIn’s data privacy practices, please visit:","paragraph6":"and for details on the use of the Insight Tag, see:","ip_address":"IP Adresse,","timestamp":"Timestamp,","device_attributes":"Device and browser characteristics,","page_count":"Page views."},"events":{"title":"E) Data Processing in the Context of Events","purpose_legal_basis":{"title":"1. Purpose and Legal Basis","paragraph":"For the registration and participation in our events, we collect and process personal data (e.g. name, email address, company, position) insofar as this is necessary for the organisation and execution of the event (Art. 6 para. 1 lit. b GDPR). Where consent is required – particularly for photo and video recordings – processing is based on Art. 6 para. 1 lit. a GDPR."},"recipients":{"title":"2. Disclosure to Cooperation Partners","paragraph":"Your personal data will only be transferred to service providers or cooperation partners involved in the event where this is necessary for its execution. No further transfer to third parties takes place."},"photo_video_streaming":{"title":"3. Photo and Video Recordings as well as Livestreaming","paragraph":"During our events, photo and video recordings – including livestreams – may be made. These recordings may be used for documentation purposes as well as for our public relations activities and those of our cooperation partners (e.g. website, social media, event materials). The legal basis for this is your consent (Art. 6 para. 1 lit. a GDPR). In individual cases, processing may also be based on legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with Section 23 of the German Art Copyright Act (KUG)."},"consent_revocation":{"title":"4. Consent and Withdrawal","paragraph":"By registering for our events, you agree to the processing of your data and the use of photo and video recordings as described above. Providing consent is voluntary; however, it may be a prerequisite for participation in the event. You may withdraw your consent at any time with effect for the future."},"storage_duration":{"title":"5. Storage Duration","paragraph":"The data collected in connection with the event will only be stored for as long as necessary for the execution and follow-up of the event as well as for compliance with legal retention obligations. Photo and video recordings will be deleted once they are no longer required for the purposes described above."}}},"Blog":"Blog","Events":"Events","Podcast":"Podcast","Downloads":"Downloads","agb":{"date":"As of December 1st, 2022","general_terms_and":"General Terms and","conditions":"Conditions","scope":"§ 1 Scope","scope_description":"These General Terms and Conditions apply to all contracts concluded between us and you. These General Terms and Conditions of Business and Delivery (hereinafter referred to as \"GTC\") apply to all contracts concluded between suresecure GmbH and the customer. Customers are exclusively entrepreneurs according to § 14 BGB, legal entities under public law or special funds under public law. These GTC do not apply to business transactions between suresecure GmbH and consumers according to § 13 BGB.","scope_description_2":"The customer's general terms and conditions do not apply. This also applies if suresecure GmbH does not expressly object to such general terms and conditions of the customer. The customer's general terms and conditions only apply with express written agreement between the parties.","subject_matter_of_contract":"§ 2 Subject Matter of Contract","subject_matter_of_contract_description":"Within the scope of the contracts concluded between the parties, suresecure GmbH (hereinafter also referred to as \"Contractor\") provides the Professional Services agreed therein to the customer (hereinafter also referred to as \"Client\").","subject_matter_of_contract_description_2":"Professional Services particularly include the provision of specialized services in the field of IT security, incident response services, as well as the provision and implementation of software and/or hardware products or service components.","subject_matter_of_contract_description_3":"Depending on the agreement, the Professional Services provided by suresecure GmbH concern the following services:","subject_matter_of_contract_description_4":"Implementation projects (special, highly specialized services)","subject_matter_of_contract_description_5":"securescan (precautions and risk assessment regarding IT security incidents)","subject_matter_of_contract_description_6":"secureassessment (including flat-rate package for company IT security situation)","subject_matter_of_contract_description_7":"Maintenance & review of implemented security systems within security guidelines","subject_matter_of_contract_description_8":"Managed Security Services (option to obtain services with specific response times through a contractual relationship)","subject_matter_of_contract_description_10":"Technical Consulting (including SIEM, cryptography, Data Leakage Prevention)","subject_matter_of_contract_description_11":"Licenses and Hardware","subject_matter_of_contract_description_12":"If the provision of services is also agreed upon in the contract, the contracting parties agree that these are generally projects within the scope of orders placed here and not employment relationships subject to social insurance between the Contractor and the respective Client. The consultants provided by the Contractor in case of an assignment are free regarding the manner of execution of their assigned orders as well as regarding place and time of order execution. However, the consultants will appropriately consider the project requirements set by the Client. The consultants are not subject to any instructions from the Client (the employer's right of direction is exercised solely by the Contractor); technical and project-related instructions remain unaffected. Work according to instructions and/or integration into the Client's work organization does not take place.","3_contract_conclusion":"§ 3 Contract Conclusion","1_offer_and_acceptance":"1. Offer and Acceptance","offer_and_acceptance_description":"The Contractor provides its services only upon conclusion of a binding contract with the Client. This requires the Client to accept a binding offer from the Contractor. The Contractor's offer contains the essential service components including attachments. The Contractor is regularly bound to this for one week unless a different binding period is explicitly stated in the written offer. Acceptance after expiry of this period is to be understood as a new offer by the Client, the acceptance of which is at the Contractor's discretion.","2_orders_and_order_confirmations":"2. Orders and Order Confirmations","3_pre_negotiations":"3. Pre-negotiations","pre_negotiations_description":"The scope and manner of services to be provided by the Contractor are exclusively determined by the documented contract documents, particularly the respective offer of the Contractor, these GTC, and other contract documents including attachments. Statements, offers, and declarations made during pre-negotiations or via internet presence by the Contractor or its employees are not part of the contract unless the parties explicitly refer to them in the contract documents. Accordingly, such pre-contractual statements, offers, and declarations are non-binding.","11_miscellaneous":"§ 11 Miscellaneous","1_choice_of_law":"1. Choice of Law","choice_of_law_description":"All contracts under this agreement are exclusively subject to the laws of the Federal Republic of Germany, excluding the UN Convention on Contracts for the International Sale of Goods.","2_place_of_performance_and_jurisdiction":"2. Place of Performance and Jurisdiction","place_of_performance_and_jurisdiction_description":"The place of performance and exclusive jurisdiction is the location of the Contractor's main office, as the respective contracting parties are merchants, legal entities under public law, or special funds under public law. However, the Contractor is entitled to sue the contracting partner at any other legal venue.","3_translations":"3. Translations","translations_description":"For translated versions, the German version of the GTC in its current version is authoritative.","4_severability_clause":"4. Severability Clause","severability_clause_description":"Should individual provisions of the General Terms and Conditions or the contracts concluded between the parties be or become wholly or partially invalid or void, or become wholly or partially invalid or void due to changes in legislation or through supreme court jurisdiction or in any other way, or should the contracts contain gaps, the parties agree that the remaining provisions shall remain unaffected and valid. In this case, the contracting parties commit to agree on a valid provision in consideration of the principle of good faith instead of the invalid provision, which comes as close as possible to the meaning and purpose of the invalid provision and which the parties would have agreed upon at the time of conclusion of the contract if they had known or foreseen the invalidity or nullity. The same applies if the contracts should contain a gap."},"blog":{"filter_blog_posts":"Filter Blog Posts"},"not_found":{"stage":{"headline_1":"ERROR 404","headline_2":"The other security service","description":"This page brings you absolutely nowhere. Here you go back to the start page.","button":"To the start page"}},"managed_soc":{"stage":{"headline_1":"Managed SOC","headline_2":"WITH ALL EXTRAS","description":"Digital infrastructures are becoming increasingly complex and monitoring all potential attack vectors is becoming increasingly difficult. Our Managed SOC protects digital infrastructures 24x7 with a high degree of automation, efficient processes, scalable technology, and a large-scale expert team. With the integrated cyber insurance, we also protect against possible financial damage.","scroll_button_text":"Protect now."},"intro_section":{"subheadline":"SOC at us - only with People, Process, Products.","headline_1":"Let's talk about the SOC basics:","cyber_icon_card_1":{"title":"PEOPLE","description":"Interdisciplinary teams set up 24x7 for your security."},"cyber_icon_card_2":{"title":"PRODUCTS","description":"Modern, scalable architectures with SIEM and SOAR with high flexibility when connecting sources."},"cyber_icon_card_3":{"title":"PROCESSES","description":"Efficient through clear responsibilities, processes, escalation levels & a high degree of automation."}},"people":{"subheadline":"People: INTERDISCIPLINARY TEAM","headline_1":"WITH WHITE HATS","headline_2":"AGAINST BLACK CATS","description":"The SOC in Managed SOC - stands for Security Operations Center and is an organizational unit that would not exist without the expertise of the people who are active here. We are proud to have so many passionate experts for us and combine here Platform- and Detection-Engineers, Incident- and SOC-Analysts, DevOps, Consultants as well as Incident Managers. We train them continuously to be on the pulse of the times. We have already developed the appropriate defensive concept for new attack patterns. So we can provide individual Detection Rules and Playbooks for our partners."},"products":{"subheadline":"Products: Protected 24/7 with Google + us","headline_1":"MANAGED SOC WITH","headline_2":"GOOGLE SPEED","description":"We are Google Cloud Security Partner and proud to be one of the few providers to fully set up Google SecOps. Google has always occupied the field of finding and finding through analysis of the entire internet. With Google Security Operations there are clear dashboards that show anomalies immediately. Through the intuitive system, processes can be traced back to the last detail based on the corresponding log sources. Our analysts then enter a deep forensic investigation based on fixed processes and detection metrics if necessary. So we can immediately provide a Cyber-Kill-Chain. With Google SecOps, a SIEM and SOAR solution was brought to the market that impresses with enormous speed and the connection of the databases of Mandiant and Virustotal. These databases migrate under Google Threat Intelligence - short GTI -, the largest cyber database in the world."},"process":{"subheadline":"Process: Standards ensure constant quality:","headline_1":"EXPERIENCED PROCESSES","headline_2":"ARE THE HEART","description":"Unique processes and clear escalation levels create efficiency in Managed SOC. Just as a high degree of automation through Detection Rules & Playbooks. So analysts and analysts can focus exclusively on relevant alerts. This increases the effectiveness of the digital shield. If a critical alert is identified, our Incident Management process is immediately started with the provision of an Incident Manager as well as the CIRT."},"incident_section":{"subheadline":"Incident Response/Process: In case of emergency – immediate response","headline_1":"FULL SERVICE","headline_2":"INCIDENT HANDLING","description":"It is often forgotten that a security incident is a business crisis. In crises, chaos often reigns and when cross-cutting issues have to be dealt with, many departments have to contribute. Not only forensic work, but also management, communication and legal are areas that are assigned special roles. With our framework, you get all areas from one hand."},"cyber_insurance_section":{"subheadline":"Integrated Cyber Insurance: Managed SOC replaces the Risk Dialogue","headline_1":"MANAGED SOC WITH","headline_2":"CYBER INSURANCE","description":"The integrated cyber insurance is an important building block for business resilience. It covers, among other things, property damage such as data loss or recovery costs, forensic analyses, crisis management and accompanying crisis communication, protection against cyber extortion, reputation protection, the assumption of legal costs and IT service provider failures. So we make sure that in a security incident all important components are covered and the productive operation can start up as quickly as possible. This goes without a risk dialogue - simply insured through our partner DUAL. This removes the biggest barrier on the way to cyber insurance."},"addons_section":{"subheadline":"Possible Add-Ons: Expand the Managed SOC flexibly","headline_1":"Options have,","headline_2":"instead of need.","dtm":{"title":"DIGITAL THREAT MONITORING","subtitle":"Early data leaks","description":"With Digital Threat Monitoring (DTM) you are one step ahead of digital risks.","features":["Continuous search for stolen data, compromised identities, and information about exposed infrastructure","Stolen data","Compromised identities","Information about exposed infrastructure","Individuals and data associated with them"]},"asm":{"title":"ATTACK SURFACE MANAGEMENT","subtitle":"Your Internet Assets","description":"With ASM, the feeling for your own attack surface becomes reality.","features":["Continuous external ecosystem vulnerability assessment (daily, weekly, as needed)","Inventory of assets running in the external ecosystem","Active asset assessment based on Mandiant-IOCs and Frontline-Intelligence to analyze and evaluate vulnerabilities"]},"ot_security":{"title":"OT-SECURITY","subtitle":"Basics for OT","description":"We bring light into the production halls with context-based exposure management.","features":["Establish visibility: You can only protect what you also see","Consider criticality: Build a digital twin instead of a live intervention in the environment","Assessment of environment and compliance: Evaluate the attack surface and derive action measures"]},"request_button":"Contact usn"},"onboarding_section":{"subheadline":"YOUR PATH TO MANAGED SOC","headline_1":"ONBOARDING &","headline_2":"PRICING","week_label":"Week","timeline":[{"week":1,"title":"Preparation Phase","description":"Preparation of all relevant information for the onboarding project by our transition manager","phase":"Preparation"},{"week":2,"title":"Project Kick-Off","description":"Start of the onboarding project with all stakeholders"},{"week":3,"title":"Onboarding Phase","description":"Implementation has started – our technical onboarding team is at your side","phase":"Implementation"},{"week":4,"title":"Start Service Contract","description":"Finalization of the last task packages"},{"week":5,"title":"Finalization of the last task packages","description":"Last technical adjustments and tests"},{"week":6,"title":"Completion of Onboarding","description":"Complete monitoring by the Security Operations Center + insurance protection","phase":"Delivery"}]}}},"locale":"en","children":"$L17"}],"$L18"]}]}],"$L19"]

SOC Analyst(m/w/d)

At a glance

Your Contact

undefined undefined

SOC Analyst
(m/w/d)