24/7 SOC Monitoring
Summary
We’ve implemented round-the-clock Security Operations Center (SOC) monitoring in partnership with InfoGuard, a leading Swiss cybersecurity company, to improve our detection and response capabilities across endpoints, identities, email/collaboration, and cloud infrastructure. The service is built on a modern XDR approach with tightly integrated Microsoft security technologies and well-defined incident processes, providing rapid triage, validated investigations, and pre-approved containment actions, all without disclosing sensitive data to third parties.
Key outcomes:
24/7 monitoring and alert handling with SLA-backed first response
Rapid containment on endpoints, identities, email, and supported cloud resources, including all our hosted single- and multi-tenant environments
Hybrid collaboration model with clear responsibilities and escalation paths
Monthly reports for internal assessment
Scope and Capabilities
Service Overview
Our SOC 24/7 services encompass five key security domains, each designed to provide comprehensive protection against modern cyber threats:
1. Managed Detection and Response (MDR) powered by Microsoft Defender XDR
The majority of security breaches target endpoints and identities, either individually or in combination. Our MDR service provides optimal detection coverage across endpoints and cloud identity services through intelligent Defender agent integration.
Key Benefits:
Enhanced visibility into actual infrastructure activities through advanced metadata analysis
Rapid threat detection and investigation capabilities for both automated systems and security analysts
Swift incident response and containment measures across affected endpoints, identities, and messaging systems
Proactive threat hunting and advanced detection capabilities
2. Cloud Detection and Response (CDR) powered by Microsoft Defender for Cloud
Microsoft Defender for Cloud provides comprehensive protection for multi-cloud environments including Azure, Google Cloud, and Amazon Web Services. This cloud-native application protection platform integrates three essential security functions:
Core Components:
DevSecOps: Code-level security management across multi-cloud and multi-pipeline environments
Cloud Security Posture Management (CSPM): Proactive identification and remediation of security vulnerabilities to prevent breaches
Cloud Workload Protection Platform (CWPP): Comprehensive protection for servers, containers, storage, databases, and other cloud workloads through various specialized Defender services
3. Threat Analysis (TA)
When standard threat detection services require additional investigation to distinguish legitimate activity from genuine security threats, a specialized threat analysis service by InfoGuard provides in-depth examination directly on the affected systems.
Service Features:
Expert analysis by certified security professionals
Advanced analytical methodologies for complex threat scenarios
Identification of previously unknown Indicators of Compromise (IOCs)
Detailed investigation capabilities beyond standard T1 threat detection scope
4. Incident Response (IR)
Cyber Security Incident Response has become an essential component of modern IT operations. Building an efficient and sustainable IR platform requires specialized expertise and comprehensive planning, similar to Business Continuity Management (BCM) scenarios (see: Business Continuity Plan).
InfoGuard's IR Features:
Specialized incident response professionals
Comprehensive guidance through all incident response phases
Structured approach to incident management and resolution
Integration with existing business continuity processes
5. Recovery Phase Services
Our recovery phase services ensure business continuity and system restoration following security incidents, providing structured recovery processes and integration of lessons learned.
About InfoGuard
InfoGuard is a leading Swiss cybersecurity company with over two decades of experience protecting organizations across Europe. They serve major financial institutions including SIX, ZKB, and LGT, with expertise in the banking and insurance sectors.
As a Microsoft Security Partner, they specialize in managed detection and response services, cloud security, and incident response capabilities. InfoGuard's team of certified security analysts operates from SOC facilities in Switzerland and provides expert threat analysis and response services while maintaining the highest standards of data privacy and regulatory compliance. Their deep expertise in Microsoft Defender technologies and proven track record in cybersecurity make them an ideal partner for delivering comprehensive, round-the-clock security operations.