Security Operations Center by Defendeer

Defendeer provides its Security Operations Center (SOC) as a service to customers who don’t want to invest into an own SOC and staff members for a 24 x 7surveillance to detect Cyber Security Threats.



Our cyber security team monitors, detects, analyzes, and resolves cybersecurity incidents, and this 24/7, 365 days a year. Our security defense analysts monitor the detected security events and incidents and notify the customers or initiate direct countermeasures.

Defendeers Security Operations Center acts global

Defendeer operates a global Security Operations Center to guarantee the best coverage for potential Cyber threats. Our Security Defense Analysts monitor the security solutions subscribed with Defendeer to respond to any potential threat detected based on predefined monitoring use cases with urgency and criticality.

We provide two generic data monitoring streams:

Security Application Operations

Our Application Operation Service consists of two different level of services of the solutions subscribed.

Infrastructure Operations:

The service operations team is monitoring the availability of the service and react on potential service degradations or incidents. Based on predefined playbooks the analyst is going to remediate the cause or is going to notify the customer based on the service level agreement. The SLA is depending on the service model implemented (e.g. OnPrem or Cloud).

Service Operations:

This module covers the logical part of the solution such as monitoring the effectiveness of the services or administrator of implemented security rules in the corresponding solution. This also includes the implementation of new use cases or rule sets. To ensure quality and performance a reporting will be generated and provided to the customer.

Cyber Threats Detection and Respond Operations

Our Detection & Respond Operation Service is the core of our SOC setup. Based on predefined security monitoring use cases our Security Defense Analysts monitor and triage all incoming security alerts on a 24/7, 365 basis. Depending on the criticality and urgency the alerts are either handled as Events or Incidents. Besides an immediate notification to the customer, countermeasures are initiated based on playbooks to remediate the potential threat. To standardize and automatizes our SOC efficiency, we’re using SOAR capabilities in our SIEM process.

Detection & Respond Operations is the core of our SOC services as our security analysts monitor and triage the incoming security alerts. They analyze the incoming security events and incidents for each solution assigned. We use SOAR capabilities to automate the SIEM process where possible. Service Operations monitor the availability of the security solutions activated. In case of an incident, the analyst is going to notify the customer of the defined contact point to initiate remediation of the cause. This includes not only the infrastructure part also the logical functionality of the solution to ensure that the security measures are not decreased.


Does Defendeer SOC have access to our sensitive Data?

Most security solutions generate alerts in the form of log data or specific information which will be centralized and then consumed for the SIEM (Security Information and Event Management). The data might consist of sensitive information such as employee data (user ID), company IP addresses or event data subject data (like customer information), etc.

Defendeer is anonymizing these data sets before transferring the data to the centralized SOC database using data masking or encryption. This ensures that for the daily business in our SOC no real data is disclosed and no additional source containing sensitive data is created outside of your control for the notification process to provide the required information to the customer, Defendeer is decrypting the data, so the receiver is able to read, and act based on the real internal data. For Cyber Threats Response services, it might be necessary to dynamically decrypt the data to the Security Defense Analyst for the predefined actions.


A highly competitive solution

Highly skilled and trained Security Defense Analysts of Defendeer monitor and respond to any potential threats. In our recruitment process, we’re focusing on values like high reliability, high commitment, high integrity besides analytical thinking and acting and are all background checked. Our SOC facility with high class infrastructure is secured with an entry system with limited and logged access.

The role of the Defendeer SOC is not limited to detecting threats, but also includes analyzing them, investigating the source, reporting on vulnerabilities discovered, and preventing similar incidents in the future. In other words, our team deals with problems in real time while continuously looking for ways to improve the customer's security status. As one of the best-in-class Cyber Security Company, we offer our SOC as a subscription model with a flat fee including all services plus an activation fee to onboard the client and defining the individual checklists.

Get A Quote

Sign Up for Our Newsletter!