Implementation of managed SIEM and SOC

Customised security solutions for IT and OT

Systems for attack detection

The rapidly changing threat situation in the area of cyber security is currently leading to the repeated enactment of new legislation and regulations. These include, for example, the law on the Federal Office for Information Security (BSIG), the Energy Industry Act (EnWG) or the NIS-2 Directive. They oblige operators of critical infrastructure to implement adequate measures for the use of attack detection systems.

Such systems are an effective way of detecting cyber attacks at an early stage and, in particular, help to reduce and prevent damage as well as manage risk.

Security Information and Event Management (SIEM)

The system in question is usually a security information and event management system, SIEM for short. It combines countless items of information from endpoints such as clients and from critical components such as firewalls, Active Directory (AD) and log hosts. The SIEM processes this information in real time to detect and report security incidents. This increases IT resilience and demonstrably ensures compliance.

These systems require specialised knowledge that is hardly available on the market. Accordingly, there is a high customer demand for managed SIEM solutions in the IT and OT area. The target customers are in the small to medium segment.

Security Operations Centre (SOC)

A Security Operations Centre (SOC) is the heart of an effective cyber defence. It enables companies to detect, analyse and proactively respond to cyber threats in real time.

Security experts monitor IT and OT environments around the clock to identify potential attacks at an early stage. With the help of modern threat intelligence and customisable use cases, even highly developed threats can be detected before they can cause damage.

Intelligent correlation of SIEM data can reduce false positives and prioritise real threats in a targeted manner. Our experts analyse suspicious activities in detail and assess the risk to your company.

Open-source technology in the area of operational infrastructure is a valid element of an IT security architecture.
Gerd Herbertz | Business Unit Lead Operational Excellence adesso SE

Our solution

adesso and Blueteam

Together with SOC provider Blueteam, adesso has developed a SIEM product that can be rolled out quickly as a managed service thanks to a high degree of standardisation and automation. The central management platform at adesso as a service (3AS) is operated centrally in the abc cloud (BSI C5), and the customer environments are managed from there. Our cooperation partner Blueteam provides the currently missing SOC module for analysis and forensics.

As a provider of cyber security solutions, Blueteam GmbH has already established itself with a wide range of core competencies and offers customised security solutions for IT and OT areas. Thanks to strong partnerships with renowned technology providers, Blueteam GmbH guarantees innovative and reliable security strategies for its customers.


Your advantages

Time saving

The pre-configuration results in an expected time saving of about 30 to 70 percent when setting up a security architecture.

No licence risks

adesso and Blueteam offer you an open-source solution that protects you from possible licence risks.

Cost reduction

Significant cost reduction compared to commercial products.

Time to be compliant

Thanks to the pre-design, compliance can be achieved in a short time.

IT & OT

With adesso and Blueteam, skills in IT and OT environments are combined in the best possible way, offering you bundled expertise from a single source.

Can be integrated

The adesso and Blueteam open-source toolkit can be optimally integrated into existing or other commercial products and adapted as needed.

