Successful defence against cyberattacks starts with the proactive elimination of known vulnerabilities in your infrastructure as well as the continuous recording and analysis of log information of all system components.

Our Basic Detection Services:

• Vulnerability Management

  Managing the ever-changing threat landscape includes permanent vulnerability scanning. Our cyber security specialists monitor and scan your infrastructure to uncover vulnerabilities and misconfigurations at an early stage.

• Security Information & Event Management (SIEM)

  The analysis of system logs from your infrastructure is central to finding information about security-relevant events. Therefore, all log information is integrated, correlated and analysed in our SIEM system. This allows us to efficiently identify those events that indicate misuse, internal or external attacks or other security threats.

• Network Detection & Response

  Thanks to the use of different analysis technologies from the field of artificial intelligence (AI) and machine learning as well as sandbox technologies, we can monitor your infrastructure comprehensively and highly automated. If a threat is detected, your experts are alerted immediately.

Attackers are patient and clever. It is not uncommon for them to sneak into normal operations for weeks and months before they strike. Traditional security systems reach their limits with such attacks. Our Advanced Detection Services start where firewalls, intrusion detection systems, spam filters, anti-malware solutions and advanced next-generation security end.

InfoGuard Advanced Detection Services:

• Endpoint Detection & Response (EDR)
  Many security breaches happen on an endpoint and therefore incidents are best detected there. With our EDR service, you have far more insight into what is effectively happening on an endpoint. This means that attacks are detected much faster and are much easier to investigate. In addition to these advanced detection capabilities, our EDR service allows us to respond very quickly to incidents on one or more affected endpoints.

• Threat Hunting

  InfoGuard proactively searches for APTs and anomalies that are not automatically detected. To do this, we continuously collect Indicators of Compromise (IOC) that help us identify new threats in real time. In addition, other security events from the SIEM are also correlated to identify and uncover correlations between potentially suspicious activities within the entire environment. This allows us to immediately take the right steps to stop and isolate the attack.

• Cyber Threat Intelligence

  Our cyber threat analysts look at the current threat situation around the clock and analyse information from the darknet, threat intelligence feeds and many other sources. You receive a quarterly threat report with a detailed analysis of the general threat landscape and our experts' risk assessment for your company, so that you can act proactively. Of course, you will be alerted immediately if we find critical indicators or reputation-threatening information.

We provide the full range of services from our ISO/IEC 27001 certified InfoGuard Cyber Defence Centre (CDC) in Switzerland: from support to outsourced cloud and managed security services to SOC services, where our cyber threat analysts and cyber defence experts look after your security around the clock. 

Learn more about the Security Operations Center ›

Security incidents can have a significant business impact and unfortunately cannot always be prevented. However, a fast and professional response by proven experts is crucial. Our Security Incident Response is carried out through a standardised process according to SANS and guarantees you a quick restoration of normal operations.

Learn more about our Incident Response & Recovery Services ›