With the co-managed SOC, you receive our complete SOC service for predefined cases or time periods. We connect our Google SecOps SOAR platform and can get started straight away. No matter which SIEM you use, we are ready to go within a very short time. This means we can provide you with targeted operational support exactly as you need it, either for a certain number of cases or at certain times, e.g. from 7 pm.
... you have a security infrastructure with a SIEM component and would like to continue to be responsible for its operation and licensing.
... you need support in analysing security events and responding to them, whether regularly, on-call or in an incident.
The prerequisite is that you have SIEM expertise in-house, as otherwise the operation of the SIEM platform itself cannot be guaranteed. If you don't have this, the Managed SOC is the more suitable service for you.
We bring depth and clarity to your security events without a major integration project. We complement, integrate and support operations. No tool or platform changes, no black box service. Shared responsibility with full managed SOC performance according to a defined framework. This includes:
Detecting relevant security events
Analysing & prioritising alerts
Support with response & containment
Continuous improvement of rules & playbooks
We access the normalised data from the SIEM and process it in our SOC architecture. This is cloud-native, i.e. the data is only processed but not saved or stored. Data sovereignty is therefore retained. Simple structure:
We access the existing SIEM technology or receive the data from it
Connection to the suresecure SOC architecture
Google SecOps SOAR as an analysis and automation layer
This allows us to achieve high-quality, in-depth analysis in a very simple way and thus increase cyber resilience.
Monitoring of security-relevant activities according to the commissioned framework, on the basis of time periods, criticality or case packages.
Become productive quickly thanks to cloud-native infrastructure, with the service effective within a few days. Transition managers provide support right up to the service launch.
Our Managed SOC is ISO 27001 certified. This reduces risks in the supply chain and supports internal governance, compliance and audit requirements.
Analysis and response steps are automated via playbooks. This speeds up incident processing, reduces manual effort and ensures consistent responses in the event of an emergency.
We develop customised detections that are precisely tailored to the respective infrastructure. This allows us to recognise precisely the patterns that are really relevant in your environment.
Security events are enriched with current threat information. This allows incidents to be better classified, prioritised and processed in a targeted manner.
In the event of an emergency, we are ready to respond immediately. This shortens decision-making processes and reduces the time it takes to contain an attack.
Whether it is AI support in our processes or fully-fledged SOC agents, we are always on an equal footing with the attacker groups.