Endpoint Detection & Response
Protection directly at the end device.
Early attack detection and precise response through reliable EDR software
Protect your most valuable assets with effective endpoint security
Flexible EDR or MDR model – suitably scalable for the requirements of medium-sized companies
Do you want to integrate Endpoint Detection and Response into your Security Operations Center?
Endpoints and the associated privileges are by far the easiest, most popular and most promising target for cyber attacks. Once an endpoint has been compromised, it is used as a stepping stone for lateral movement, with the aim of consistently and continuously expanding the privileges gained in order to ultimately infiltrate the entire infrastructure.
Users and their endpoints must therefore be the first line of defense. Endpoint Detection & Response (EDR) solutions and the corresponding team of experts are the foundation for this.
Establish endpoints as the first line of defense
The choice is yours.
EDR as a managed service (MDR)
As your MDR supplier, we take over the secure operation of your Endpoint Detection & Response software.
Optimized EDR managed on your own
We support you with our expertise and the best possible EDR solutions.
Endpoint Detection & Response as a service
The appropriate EDR software is selected based on the collected data. We work with you to identify whether the software from our partners Elastic (Endpoint Security) or Microsoft (Defender for Endpoint) is the right choice for you. This gives you maximum flexibility, whether you pursue a cloud or an on-premises strategy.
Depending on specific requirements, the scope of EDR services within your Security Operations Center (SOC) is tailored to meet individual needs.
In Managed Endpoint Detection & Response (MDR), our team of experts then monitors your endpoints, analyzes suspicious events and anomalies, and raises the alarm as required and in a coordinated manner.
Our EDR & SOC Service Packages
Package #1
Managed EDR | Endpoint Detection & Response
Getting started with automated attack detection: Monitoring your endpoints with Elastic Security or Microsoft Defender for Endpoint.
Ideal for companies that want to strengthen their basic IT security posture and take their first steps toward active threat monitoring.
Package #2
Managed XDR | Extended Endpoint Detection & Response
Expansion of the scope of services from Package #1 to include vulnerability management (Level 2) and identity monitoring (UEBA – User and Entity Behavior Analytics).
Additional XDR features, including hardening and security monitoring for Microsoft 365 cloud services (mail, file storage, chat), as well as monitoring of third-party cloud-based applications via a CASB (Cloud Access Security Broker) are also included.
Ideal for organizations with advanced security levels and more complex IT landscapes that want to centrally secure cloud services and user activities in addition to endpoints.
Package #3
Managed Endpoint Detection & Response (MDR) | Comprehensive SOC
Includes all services from Package #2 plus a central SIEM (Elastic Security or Microsoft Sentinel) and vulnerability management (Level 3).
Ideal for companies with high security levels, large endpoint and cloud environments, and strict compliance or risk profiles that require a comprehensive SOC (Security Operations Center) including SIEM (Security Information and Event Management).
Phases of development and implementation
Requirements analysis
Assessment & Workshop
EDR Blueprint
EDR product selection, design, and architecture
Rollout of the EDR solution
on clients and servers and introduction of guidelines
Effectiveness testing
through Cyber Incident Simulations
Handover to operation
as Managed Endpoint Detection & Response (MDR)
MDR operation
Monitoring, reaction & reporting
The aim is to detect and avert attacks at a particularly early stage. In addition, important requirements from best practice frameworks (e.g. CIS Controls, in particular Controls 8, 10 and 13) and regulatory requirements (e.g. NIS2 and DORA) are addressed.
Our team of experts has many years of experience in both offensive (penetration testing, red teaming) and defensive (attack prevention, detection and control) security, true to the guiding principle “attack is the secret of defense; defense is the planning of an attack”. Our philosophy is based on a 360° view of IT security, vendor-neutral consulting and cooperation as equal partners.
Our aim is to provide you with a customized, future-proof security solution that protects your company in the long term. Based on this, you can concentrate on your core business with greater peace of mind.