1. Managed Services
1.1. Incident Response
1.1.1. Standard IR
1.1.1.1. SOC based
1.1.1.2. Detection & Analysis
1.1.1.3. Containment
1.1.2. Advanced IR
1.1.2.1. Major Incident Management
1.1.2.2. Root Cause & Malware Analysis
1.1.2.3. Digital Forensics (admissible in court)
1.1.3. Partner
1.1.3.1. Sequrium (internal)
1.1.3.2. SySS (national)
1.1.3.3. Ankura (international)
1.1.4. Platform
1.1.4.1. Binalyze AIR
1.1.4.2. DFIR Iris
1.1.4.3. DFIR Tool Suite
1.1.4.4. DFIR Appliance
1.2. SOC as a Service
1.2.1. Coverage
1.2.1.1. Identity Security
1.2.1.2. Endpoint Security
1.2.1.3. Network Security
1.2.1.4. Application Security
1.2.1.5. Cloud Security
1.2.1.6. Observation Security
1.2.1.7. Data Security
1.2.1.8. IoT Security
1.2.1.9. Incident Security
1.2.1.10. Customer Service
1.2.2. Service
1.2.2.1. Identity Protection (incl. Entra ID)
1.2.2.2. Detection & Response
1.2.2.3. Data Loss Prevention
1.2.2.4. Exposure Management
1.2.2.5. Attack Surface Management
1.2.2.6. Cyber Security Posture Mgmt (CSPM)
1.2.2.7. Cloud Workload Protection (CWP)
1.2.2.8. Cloud Apps Security
1.2.2.9. Mail Security
1.2.2.10. Apps Security (M365, etc.)
1.2.2.11. Vulnerability Management
1.2.2.12. Asset Management
1.2.2.13. Patch Management
1.2.2.14. Correlation & Monitoring
1.2.2.15. Data Lake (Forensic & Compliance)
1.2.2.16. Threat Intelligence Reconnaissance
1.2.2.17. Deception
1.2.2.18. ASM & SW Monitoring
1.2.2.19. Hardening & Monitoring
1.2.2.20. Data Acquisition
1.2.2.21. Threat Hunting
1.2.2.22. Malware Analysis
1.2.2.23. Triage
1.2.2.24. Incident Response Handling
1.2.2.25. Data Protection
1.2.2.26. IoT-Services
1.2.2.27. Breaking Glass Account
1.2.2.28. Service Meeting & Reporting
2. SOCaaS
2.1. NDR
2.1.1. Darktrace
2.1.1.1. Network
2.1.1.2. Endpoint
2.1.1.3. Cloud
2.1.1.4. OT
2.1.1.5. Identity
2.1.1.6. E-Mail
2.2. EDR
2.2.1. Microsoft Defender
2.2.1.1. MDE
2.2.1.1.1. Plan 1
2.2.1.1.2. Plan 2
2.2.1.2. MDI
2.2.1.3. MDC
2.2.1.4. MDO
2.2.1.4.1. Plan 1
2.2.1.4.2. Plan 2
2.2.2. CrowdStrike Falcon
2.2.2.1. Prevent
2.2.2.2. Insight XDR
2.2.2.3. Device Control
2.2.2.4. Forensics
2.2.2.5. Firewall Management
2.2.2.6. for Mobile
2.2.2.7. for Defender
2.3. SIEM
2.3.1. LogPoint
2.3.1.1. SIEM
2.3.1.2. SOAR
2.3.1.3. UEBA
2.3.1.4. AgentX
2.3.2. Microsoft
2.3.2.1. Sentinel
2.3.2.2. Azure Monitor
2.3.2.3. Log Analytics
2.3.3. CrowdStrike Falcon
2.3.3.1. LogScale
2.3.3.2. Next-Gen SIEM
2.4. VAS
2.4.1. Qualys
2.4.1.1. Vulnerability Assessment
2.4.1.2. Asset Discovery
2.4.1.3. Patch Management
2.4.2. CrowdStrike Falcon
2.4.2.1. Spotlight
2.4.2.2. Discover
2.4.3. Greenbone (Legacy Option)
2.5. TIS
2.5.1. SOCRadar
2.5.1.1. Cyber Threat Intelligence
2.5.1.2. Digital Risk Protection (Darknet)
2.5.1.3. External Attack Surface Management
2.6. Platform
2.6.1. Infrastructure
2.6.1.1. Dell EMC
2.6.1.2. Broadcom VMware
2.6.1.3. Kubernetes
2.6.2. Software
2.6.2.1. TIG / Prometheus
2.6.2.2. D3 Smart SOAR
2.6.2.3. Jira SM / IR Platform
2.6.2.4. Confluence
2.6.2.5. API Integration
2.6.2.6. Pipeline (ESB) / NetBox
3. Consulting
3.1. Sequrium
3.1.1. Security Strategy Consulting
3.1.2. Incident Management Consulting
3.1.3. Trainings
3.2. SySS
3.2.1. Penetration Test
3.2.2. Red Teaming
3.2.3. Advanced IR (Partner)