Effective defence measures combined with Incident Detection and Response services are increasingly important to protect companies against cyber attacks. At our ISO 27001 certified and ISAE 3000 Type 2 audited Cyber Defence Center in Switzerland (Baar), we combine first-class expertise and sophisticated technologies with the many years of experience of our security experts and threat analysts and threat analysts. Our comprehensive Cyber Defence Services protect your on-premise, cloud, IoT and OT infrastructures around the clock.
Successful defence against cyber attacks starts with the proactive elimination of known vulnerabilities in your infrastructure as well as the continuous recording and analysis of log information of all system components. Our Basic Detection Services:
Vulnerability Management: Managing the ever-changing threat landscape includes permanent vulnerability scanning. Our cyber security specialists monitor and scan your infrastructure to uncover vulnerabilities and misconfigurations at an early stage.
Security Information & Event Management (SIEM): The analysis of system logs from your infrastructure is central to finding information about security-relevant events. Therefore, all log information is integrated, correlated and analysed in our SIEM system. This allows us to efficiently identify those events that indicate misuse, internal or external attacks or other security threats.
Network Detection & Response: Thanks to the use of different analysis technologies from the fields of artificial intelligence (AI), machine learning and sandbox technologies, we can monitor your infrastructure comprehensively and highly automated. If a threat is detected, your experts are alerted immediately.
It is not uncommon that attackers sneak into normal operations for weeks and months before they strike. Traditional security systems reach their limits with such attacks. Our Advanced Detection Services start where firewalls, intrusion detection systems, spam filters, anti-malware solutions and advanced next-generation security end. Our Advanced Detection Services:
Endpoint Detection & Response (EDR): Many security breaches happen on an endpoint and therefore incidents are best detected there. With our EDR service, you have far more insight into what is effectively happening on an endpoint. This means that attacks are detected much faster and are much easier to investigate. In addition to these advanced detection capabilities, our EDR service allows us to respond very quickly to incidents on one or more affected endpoints.
Threat Hunting: InfoGuard proactively searches for APTs (Advanced Persistent Threats) and anomalies that are not automatically detected. To do this, we continuously collect Indicators of Compromise (IOC) that help us identify new threats in real time. In addition, other security events from the SIEM are also correlated to identify and uncover correlations between potentially suspicious activities within the entire environment. This allows us to immediately take the right steps to stop and isolate the attack.
Cyber Threat Intelligence: Our cyber threat analysts observe the current threat situation around the clock and analyse information from the darknet, threat intelligence feeds and many other sources. Our customers receive a quarterly threat report with a detailed analysis of the general threat landscape and our experts' risk assessment in order to act proactively. Of course, we alert immediately if we find critical indicators or reputation-threatening information.
We provide the full range of services from our ISO/IEC 27001 certified InfoGuard Cyber Defence Center (CDC) in Switzerland: from support to outsourced cloud and managed security services to SOC services, where our cyber threat analysts and cyber defence experts look after your security around the clock.
Security incidents can have a significant business impact and, unfortunately, cannot always be prevented. Therefore, a fast and professional response by proven experts is crucial. Our Security Incident Response is carried out through a standardised process according to SANS and guarantees you a quick restoration of normal operations. The InfoGuard CSIRT is a member of FIRST (Global Forum of Incident Response and Security Teams).
In our InfoGuard Cyber Defence Center (CDC) in Switzerland, experienced security experts work in different, highly specialised teams. Collaboration within the CDC and also with other InfoGuard teams creates synergies that offer our customers real added value. No matter whether vulnerabilities in individual components, new attack strategies or rapid support in the event of an incident: we are the right partner. Tailored to individual needs, companies can use our modular services as managed services of their internal systems or as cloud services without investing in their own infrastructure. For particularly exposed data and systems, our Cyber Defence Center offers you a maximum level of security. InfoGuard is also a member of FIRST (Global Forum of Incident Response and Security Teams), which attests to the high quality standard of its cyber defence and response services.