Due to an ever more far-reaching and comprehensive digitalisation and networking of the IT and OT infrastructure, new attack possibilities are constantly emerging, e.g. phishing, ransomware or advanced persistent threats. The associated risk situation as well as legal and regulatory frameworks (e.g. IT security law) require an increasing focus on the detection, reporting and handling of security incidents related to the company's IT and OT infrastructure. This task is typically performed by a Security Operations Centre (SOC). As a manufacturer-independent service provider, we support you from the requirements analysis, design and procurement to the implementation and operating phase of a SOC and offer you the following services in particular: - Survey of your requirements for a SOC, e.g. relevant specifications and guidelines, definition of the information network, identification of the necessary Scope of functions (log management, incident detection, incident response, threat intelligence, ...) - Design of the SOC, e.g. technical (log management, SIEM, use case management, incident management, reporting, integration with a CERT, ...), organisational (organisational structure, roles, processes, ...) - Design of log management, e.g. required log sources, use of collectors, required log information, secure transmission of log information, time synchronisation - Evaluation (organisational, technical, economic) of suitable operator models for the SOC, e.g. in-house operation, outsourcing, hybrid models - Advice on the award of SOC services: Preparation of tender documents, support during the awarding of contracts, support during implementation - Support for the operation of a SOC (SOC Analysts) As one of only a few BSI-certified IT security service providers, we are a reliable partner for secure ITC infrastructures.
