Cloud Security Operations Center

Our reliable Managed Extended Detection and Response (MXDR) service offering with 24/7/365 proactive hunting, monitoring, and response capabilities, based on seamless integration with the Microsoft Security platform

24/7 highly qualified investigation & analysis

ISO 27001 certified service

The best experts in the industry with more than 25 years of experience in the infosec community

Covers OT/IoT, on-premises and various cloud environments

Personal contact to build a strong analyst-customer relationship

Threat Intelligence Research, Detection Engineering and Automation

glueckkanja CSOC Building Blocks

24/7 Incident Response

Utilization of incident response functions in Defender for Endpoint, Defender for Cloud, and Defender for Identity, as well as other Microsoft IR functions to quickly contain all types of threats
Regular development and deployment of new playbooks for Sentinel to ensure efficient defense for all systems

Threat Intelligence

In Purple Team events, we validate our use cases and the Microsoft products used
Our threat experts search numerous sources for new threat scenarios and emerging trends in cyber attacks

Detection Engineering

The results of our threat research and our analysts' experience feed into the Detection Engineering Group to develop new detections and optimize existing ones
Alignment of detections with the MITRE Attack Framework

CSOC Foundation, SOAR & Enrichment

Provision of the CSOC Foundation, where Analytic Rules, Watchlists, and Playbooks are maintained for our customers
Comprehensive, regularly updated Use Case Repository
Regular review of Analytic Rules for quality and adaptation to customer needs
Enrichment of incidents through automated playbooks in Microsoft Sentinel to improve the quality of Security Analysts' decisions
Optionally, we use Copilot for Security to improve and accelerate our SOC processes

Active Threat Hunting

Our threat experts regularly hunt in customer tenants for new, emerging threats and new attack techniques discovered by our threat researchers
This expands the view of our customers' threat landscape and thus increases the quality of protection

Continuous Improvement & Reporting

We continuously improve the Analytic Rules in customer repositories, thereby increasing the security of customer environments
Creation of monthly CSOC reports with recommendations for new settings and configurations based on our best practices (Blueprint)
Access to online reports that provide a comprehensive description of the customer's individual security status

Vulnerability Monitoring

Microsoft Defender monitoring for endpoint vulnerability management
Ad-hoc notification of current threats and provision of daily updated lists of all affected systems
Information about the most urgent threats in an easily understandable newsletter

Customer Stories

Uniper relies on M365 and CSOC

With the introduction of Microsoft 365 and other services from award-winning partner glueckkanja, Uniper transformed its workplace culture and optimized collaboration and security across the organization.

Watch video

This is how we protect your environment and data

Defender for Endpoint

Defender for Cloud

Defender for Office 365

Defender for Cloud Apps

Entra ID Identity Protection

Defender for Identity

Defender for IOT

Microsoft Sentinel

Microsoft Copilot for Security

What Microsoft says

„

With malicious attacks on the rise, we understand security is front and center for our customers. That is why I am excited to congratulate glueckkanja on achieving Microsoft Verified: Managed Extended Detection and Response solution status. Their solution closely integrates with Microsoft 365 Defender and Microsoft Sentinel and has been verified by Microsoft Security engineering to ensure that it provides comprehensive service coverage across the Microsoft Security portfolio.

Rob Leffert

CVP, Modern Protection and SOC, Microsoft