Security Operation Center
One step ahead of cyber criminals.
Continuous cyber defense through a state-of-the-art SOC with 24/7 monitoring
Early detection and efficient response to threats
Flexible SOC model – individually adapted as a managed service or optimized in-house solution
Companies are facing a constantly growing threat situation. Cyber attacks are becoming more and more sophisticated, while IT infrastructures are becoming increasingly complex. A modern, continuously tested and integrative security architecture is required to protect company resources. Preventing cyber attacks is the ideal, but attacks are becoming increasingly refined and digital vulnerability is constantly growing.
The combination of preventive protective measures, early detection of attacks and effective control is now more essential than ever. Setting up the appropriate technology and the associated skills and processes in-house is very challenging for many companies. Our Managed Security Operation Center offers you continuous, efficient security monitoring as well as a rehearsed and proven response.
Continuously strengthening cyber defense
The choice is yours.
SOC as a managed service
We take over the secure operation of your security infrastructure or specific sub-areas such as vulnerability management or attack detection and response.
Optimized SOC managed on your own
We support you with our expertise and the best possible solutions.
The Possehl Security Operation Center as a service
The Possehl Security Operation Center uses state-of-the-art technology and highly specialized, trustworthy experts to monitor your digital vulnerability.
The SOC and its experts are based in Germany and have many years of experience in both medium-sized and enterprise environments. True to the motto “attack is the secret of defense; defense is the planning of an attack”, we deploy experts in both offensive and defensive security. Our knowledge of attackers' motivation, tools, and tactics, techniques and procedures (TTPs) enables us to counter attacks efficiently and effectively.
Within the SOC, we use a range of technologies and services, including:
Endpoint Detection & Response (EDR)
Network Detection & Response (NDR)
Security Information and Event Management (SIEM)
Security Orchestration, Automation & Response (SOAR)
The path to your SOC strategy
We work with you to examine your requirements and develop a SOC strategy tailored to your company. This begins with an initial workshop in which we define use cases and requirements – from Security Operation Center (SOC) to Cyber Defense Center to Managed Detection & Response.
Next, we analyze your existing architecture and use cyber incident simulations based on MITRE ATT&CK to identify potential vulnerabilities in existing technologies and processes. Based on these results, you have the choice – your own optimized Security Operation Center or a SOC as a managed service.
Phases of development and implementation
Management of requirements
Assessment & Workshop
Blueprint
Design and architecture
Rollout of the solution
Connection of specific data sources
Effectiveness testing
Handover to operations
Operation of the SOC service
Continuous improvement process, effectiveness tests, cyber incident simulations
Possehl Security Operation Center – As individual as your IT landscape
Because our customers' IT environments, the assets to be protected, regulatory requirements and ultimately budgets differ, we conduct a threat analysis, maturity analysis and gap analysis to design an architecture that meets the requirements, including the associated technology and service level. Customers can choose between on-premises and cloud-based technologies and data storage according to their preferences.
After implementation, targeted attack attempts are made and the tools, tactics and procedures of common and specific threat actors are mimicked with the aim of testing the effectiveness of the technologies and processes introduced.
The SOC architecture is then put into operation. Together with our customers, we define whether in-house operation, a hybrid approach or complete outtasking should be implemented. The associated processes are defined and agreed on the basis of RACI diagrams. In addition, response times, service times, reporting paths and operations within and outside of operating hours are defined and specified.
On this basis, we continuously monitor the environment and respond to security incidents at an early stage. For this purpose, we establish efficient communication and response, ensuring that the environment is returned to its normal state in a targeted manner. After commissioning, our customers are also continuously provided with relevant information on attacks and the quality of the service. As an option, the customer has access to a security cockpit where the status of the environment can be viewed. Simulated attacks on the environment, including with rotating vectors and tools, can optionally be carried out at regular intervals, so that the effectiveness of the SOC is continuously assessed and improved.
You decide which services you would like to take advantage of. Your Security Operation Center remains flexible and tailored to your needs. In the case of a Managed Security Operation Center, we define requirements, service levels and KPIs on a highly individual basis.
Multi-layered security architecture
Risks and errors can never be completely avoided. However, a coordinated, multi-layered security architecture and continuous monitoring allow threats to be detected and contained at an early stage.
Highly qualified personnel
Despite increasing automation in IT, experienced and well-trained specialist personnel remain essential. Our team of security experts monitors your systems 24/7, detects threats and initiates targeted countermeasures.
Transparency & individuality
We analyze your existing IT security architecture and develop a tailor-made SOC concept. You remain flexible: you can optimize your own SOC or outsource certain tasks to Possehl Secure.
Our philosophy is based on a 360° view of IT security, vendor-neutral advice and a partnership of equals. Our aim is to provide you with a customized, future-proof security solution that protects your company in the long term. Based on this, you can concentrate on your core business with greater peace of mind. In addition, important requirements from best practice frameworks (e.g. the CIS Controls, in particular Controls 8, 10 and 13) and regulatory requirements (e.g. NIS2 and DORA) are addressed.