The Magenta Security portfolio offers reliable protection: consulting, early detection and response in an emergency.
Solution

Managed Cyber Defense Package

Extensive protection of data in the company network

  • Targeted detection and deletion of malware – before infiltration of the company network
  • Top Managed Service from Telekom’s Cyber Defense Center
  • All-around protection against cyberattacks in 24/7 shift operation
Contact
Thomas Müller-Kassner

Head of Product Management Enterprise

Without a SIEM system, victims fly blind in case of an attack

The methods used by hackers are becoming more and more sophisticated, and custom-designed attacks make the detection of cyberattacks even more difficult. Companies therefore need security solutions that can automatically register and remove such activities in the first stage. If an attack is successful nonetheless, companies must be capable of uncovering the approach used by the hacker and initiating countermeasures quickly and effectively.
Potential attackers often gain unrestricted access via email and mobile devices like smartphones and tablets. In these situations, sandboxing technologies and ECG-like monitoring functions provide additional protection, significantly improving traditional protection mechanisms. In addition, a SIEM system (Security Information & Event Management) collects the log data from all network, IT and security sources, automatically evaluates them and detects anomalies. Specialists in the Security Operation Center (SOC) of Telekom Security analyze these irregularities in 24/7 shift operation. They collect information in case of alarms, and provide the IT Security Division of the company with specific recommendations for further actions. In this way, companies profit from the expertise of experienced security analysts as well as from the threat data coming from the Threat Intelligence Platform of Telekom Security. This package offers significantly higher protection from potential attacks and ensures that attackers who managed to slip through the close-meshed security network can be detected quickly and reliably so that effective countermeasures can be initiated.
A number of companies are currently modernizing their IT security due to the changed legislation of the GDPR and the waves of ransomware attacks over the past years. This also includes health insurance companies which employ many data processing programs and possess high volumes of personal data. These assets must be protected separately, which is why the industry is investing in managed SIEM services and mobile security applications. This ensures that activities in the company network as well as devices and applications for mobile staff, such as insurance consultants, are secured.
Further information
Managed Cyber Defense Package
  • How can successful cyberattacks into the company network be detected?
  • Attackers are using increasingly progressive technologies. How can companies keep up?
  • How can existing prevention technologies be optimized?
  • SIEM detects anomalies within the network, so that experienced security analysts can evaluate whether they are dealing with a security incident in real time.
  • Detection and measures for damage control.
  • Protection from advanced persistent threats and mobile devices as well as safeguarding domains and digital identities.
  • 24/7 support from experienced security analysts
  • Access to Telekom’s Threat Intelligence database
  • Modern sandbox technologies reducing the number of security incidents by 50%

Analyze what harm suspicious code could cause

Is a suspicious email attachment or download a blacklist candidate? The VM-based execution engine delivers the answer.

Managed SOC/SIEM services

Cybercriminals are causing more and more damage with targeted attacks. The study “Cost of a Breach” conducted by Ponemon and IBM shows that a stolen and/or copied file cost an average of 130 euros in 2018. A security incident even caused the affected companies an average of 3.4 million euros in damage. The attackers’ methods are becoming more refined; for example, sandboxing technologies are tricked by initially inactive, sleeping malware. They then move laterally to spread through the network, which makes it more difficult for the detection software to find them.
For this reason, a central SIEM system is required which monitors all these activities within the network and beyond and renders them visible through alarm messages. Only then can the security officers keep an overview and fulfill the tasks assigned to them. If the SIEM is operated from a SOC, as is the case with Telekom Security’s offer, companies will also profit from the expertise and skills of the experienced security analysts in Bonn. They can filter out false positive messages and support IT Security in finding and removing dangerous malware. To this end, Telekom Security has entered into a cooperation with IBM QRadar from which both companies can profit due to the threat data coming from both threat intelligence platforms.