You've come to the right place if you want to reliably cover critical security incidents without sending your own organisation directly into a large-scale SOC project. A managed SOC is more than just "forwarding alerts". It is about continuously evaluating security-relevant signals in your environment, prioritising incidents in a resilient manner and being able to act quickly in the event of critical incidents. Managed SOC Essential is deliberately focussed on this: You start with a clearly delineated scope of data and receive reliable processing of high and critical incidents.
Essential focuses on the incidents that typically have immediate consequences: compromised identities, privileged accounts, ransomware indicators, lateral movement. You get clear, robust categorisation and rapid escalation when an event crosses the incident threshold.
Through continuous monitoring, security-relevant activities are recognised and evaluated before they cause damage, regardless of the time of day or day of the week.
Become productive quickly: thanks to cloud-native infrastructure, the service is effective within a few days. Transition managers provide support right up to the service launch.
Our Managed SOC is ISO 27001 certified. This reduces risks in the supply chain and supports internal governance, compliance and audit requirements.
Analysis and response steps are automated via playbooks. This speeds up incident processing, reduces manual effort and ensures consistent responses in the event of an emergency.
We develop customised detections that are precisely tailored to the respective infrastructure. This allows us to recognise precisely the patterns that are really relevant in your environment.
Security events are enriched with current threat information. This allows incidents to be better classified, prioritised and processed in a targeted manner.
In the event of an emergency, we are ready to respond immediately. This shortens decision-making processes and reduces the time it takes to contain an attack.
Regular reviews create a reliable basis for improvements, prioritisation and management decisions.
Whether AI support in our processes or fully-fledged SOC agents: We are always on an equal footing with the attacker groups.
So that you can get started without unnecessary complexity, the scope of the Managed SOC Essential is deliberately limited. The following sources are connected within a very short time:
1 cloud-based Endpoint Detection & Response, e.g. Defender
1 cloud-based identity directory, e.g. Microsoft Entra ID
This way, Essential covers exactly the sources that make the largest proportion of critical incidents visible in many environments: Endpoints and identities.
A managed SOC is not just about technologies or processes. The people behind it are crucial. Specialised experts with clearly defined roles along the entire service lifecycle work in our SOC. Among others, the following roles work together:
Customer Success Manager - strategic management and further development
Transition Manager - structured, clean onboarding
SOC Analyst - continuous event analysis
Incident Response Analyst - management of high and critical incidents
Detection Engineer - development and maintenance of detection rules & Custom Detections
SOAR & SIEM Engineer - Automation of complex response processes as well as correlation, normalisation and rule sets
Platform Engineer - Stability and scaling of the platform
System & Support Engineer - Connection of hybrid infrastructures, clear access to requests
Each task is the responsibility of a specialist. This increases quality, speed and traceability - especially for complex security incidents.
In all Managed SOC variants, we work with the Google SecOps SOAR service infrastructure. The advantage for you: recurring steps run via playbooks and defined workflows instead of having to start again "by hand" every time. This ensures speed and consistency - especially when things get stressful. Google SecOps also offers further synergies. With Gemini, detection rules can be written and adapted even faster, and Google Threat Intelligence gives our SOC access to the largest cybercrime database in the world.
This is how Google SecOps positions itself on the market as an innovative, intelligent and AI-supported SecOps platform. Properly configured - a real game changer in the field of cybersecurity. SecOps is regarded as an innovative, visionary cybersecurity technology and has made it into the Leader Quadrant of the Gartner study for the first time in 2025.
Thanks to our cloud-native approach, we can connect initial data within just a few hours. The entire onboarding process usually only takes a few days. The prerequisite is, of course, that the obligations to cooperate are met. During the onboarding process:
the relevant assets and the two data sources are defined
the connection is implemented and configured
the playbooks are implemented and fine-tuned
the permitted measures as part of the active response are defined
reporting content and communication channels are coordinated
You are therefore not starting with a theoretical model, but with a defined setup that works in operation and is already effective.
We know this. Security always has something to do with trust. That's why we're giving you the opportunity to test our service with our POV. We will make our Managed SOC available to you for a total of two months with just a few days' start-up time and you will have the opportunity to experience the added value for yourself. But you're not just getting to know any Managed SOC. In 2025, we were named one of the leading providers in the next-gen SOC sector in the ISG Provider Lens study. If you are interested in the study, you can request it here.
Full technology stack, complete monitoring and active response. Sounds exciting? Then contact us and get to know us and our service in detail.
Covering critical risks - fast and focussed
Scale cloud environments and monitor them more closely
Correlate hybrid infrastructures holistically
Essential is suitable for you if:
you want to start quickly with a clear scope
endpoints and identities are a key risk area for you
you want to professionalise the handling of critical incidents without overburdening your own organisation
If your requirements are higher or the circumstances are more complex, we recommend the Advanced or Premium version.