The number of cyber attacks worldwide has increased rapidly in recent years. Ransomware extortion, data theft, and the failure of digital services and processes can have devastating economic consequences. Hardly a day goes by without reports of hacker attacks, data breaches or IT security vulnerabilities at large companies and organizations. But how do you get comprehensive protection for your corporate network? How do you improve cyber security when it is not even possible to find appropriate IT security experts on the job market? And how is risk management supposed to assess the potential threats if it doesn't even know what they are?
For this reason, Leuchter IT has built up a SOC that detects and eliminates a wide range of cyber threats in advance - even before they pose a threat to your company.
The Leuchter IT Cyber Security Operations Center expands your IT security department and supports you in meeting your legal responsibilities, documented in security reporting. The service has been ideally tailored to SMEs, with the aim of providing optimum support in matters of cyber security. The services include:
Customer-specific processes can be monitored individually
24/7 support (first- and second-level support)
Timely detection and elimination of malware
Proactive monitoring of your IT infrastructure
Regular security audits
IT security consulting on known security vulnerabilities
Monthly security reporting
Leuchter IT Solutions AG operates the SOC in-house around the clock. Your IT infrastructure is continuously monitored, analyzed and evaluated by our IT security experts. Thanks to the knowledge gained during the detection and prevention process, cyber security is improved in the long term. The benefit: cyber threats against your company can be stopped and eliminated even faster in the future.
Benefit from our IT security knowledge and improve your IT security situation in the long term.
Over 1,500 end devices already monitored
Ideally tailored to SMEs
IT security experts are made available to you
More security for your data
Immediate notification, handling and remediation of security incidents
Comprehensive IT monitoring around the clock
Proactive action on malware and vulnerabilities
Additional IT security experts as needed
The Leuchter IT Cyber Security Audit uses Azure Sentinel technology. It is a cloud-based SIEM (Security Information & Event Management) solution from Microsoft for automated security threat detection, which allows combining activity data from different sources in a common workspace. Artificial intelligence (AI) and machine learning (ML) are used for security analysis.
This supports and helps our cyber specialists to quickly detect and avert attack scenarios.
The Leuchter IT Cyber Security Operations Center offers the option of defining customer- and device-specific rules. This means that individual needs and processes can be addressed to ensure the highest level of security. You also benefit from a default set of over 200 rules.
Depending on the rule, these are checked every 15 minutes or at intervals up to daily. The rules are defined and evaluated specifically for the customer. Leuchter IT Cyber Security Operations Center Silver and higher can run advanced queries thanks to Microsoft Sentinel.
Our Leuchter IT Cyber Security Operations Center is based on four pillars: Prevent, Detect, Investigate and Response.
The latest technologies and processes are used for proactive monitoring. Algorithms immediately detect and isolate known attack scenarios. Artificial intelligence ensures that suspicious applications and processes are identified and stopped.
As soon as an alarm is triggered, our cyber security team takes over the analysis and immediately initiates all necessary measures to protect your corporate network.
All potential risks to your company are identified and transparently listed through a series of assessments. The residual risk is reduced by introducing structured recurring measures, which are listed below. Fully in line with our motto: Prevention is more effective than reaction.
The service records security events across all relevant data sources, providing comprehensive visibility and transparency. Advanced attack detection in near real time allows security analysts to analyze notifications effectively, to prioritize, and to isolate endpoints centrally. It provides visibility into the full scope of an incident so that action can be taken to remediate threats.
At this stage, customer-tailored rules also take effect and individually block traffic on the network. Suspicious domains, files, URLs and IP addresses from our own analyses and from third-party suppliers are blocked immediately by default.
Once an alert is triggered, the SOC manager reviews the alert using a proven and standardized process. Experienced analysts ensure confident decision making and continuous development throughout the detection and analysis process. These include:
In the event of an incident, our IT security analysts initiate immediate defensive measures and isolate the malware. A coordinated approach according to the defined process steps enables a particularly fast response. After successful defense, the incident is handed over to the responsible recovery team. The measures include:
The measures listed above (Prevent, Detect, Investigate, Response) are carried out in all our packages.
The packages differ only in the scope of services.
Decide for yourself how much cyber security you need for your company. Choose between our SOC packages Bronze, Silver and Gold.