nicos
MANAGED DETECTION &
RESPONSE SERVICES
As cyber security requirements continue to grow, we are also continuously developing our Managed Detection & Response Services portfolio. So that your company is optimally protected against cyber criminals and cyber attacks.
Click on the icons in the pie chart to find out more about our services.
Prevention
The nicos Cyber Defense Assessment (nCDA), the check-up to get you started.
Reaction
24/7 emergency service from the experts at the nicos Cyber Defense Center (nCDC)
Detection
Permanent monitoring of your IT security using
Managed Detection & Response Services
We are also experts for your SD-WAN!
Find out more about nicos AG.
CYBER SECURITY.
BUSINESS SUCCESS.
nCDA
nicos CYBER DEFENSE ASSESSMENT
The inventory
Our cyber security experts address your individual situation, requirements and options in three phases.
Your potential weak points
First, we conduct an OSINT (Open Source Intelligence) analysis of your publicly accessible information on the clear and darknet and identify potential vulnerabilities and any discrepancies with your deliberately published content.
Analysis provides clarity
In extensive expert interviews and via technical audits, our security experts analyze the cyber resilience of your company with regard to the increasing threat from hackers and current ransomware campaigns (ransomware = blackmail software).
Recommendations show you the way
nicos evaluates the security level of your company in a detailed report. In the final results workshop, we give you specific recommendations for action. We clarify any open questions in direct dialog with you.
START YOUR SECURITY OPTIMIZATION. NOW.
mIR
Managed INCIDENT RESPONSE
Fast and professional help in an emergency
The nicos cyber defense 24/7 Managed Incident Response (mIR) service is part of holistic protection against cyber attacks and is based on seamless monitoring of cyber threat indicators by the 24/7 Managed Cyber Defense Center. The service provides an ad-hoc response to cyber attacks on your IT environment.
The nicos mIR service can also be ordered as an individual service. The important difference in this case is that the detection sensors must be provided by you as the customer and, in case of doubt, further analysis tools must first be introduced into the customer's environment if there are indications of a cyber attack.
Together with security experts from our established partner network, we support you immediately in all phases of incident response when a cyber security incident occurs.
- Initial assessment
- Forensic analysis
- Identification of the scope of the attack
- Elimination of the threat
We offer you a pre-agreed incident response retainer with a defined term and a pre-fixed incident response call-off hour quota.
Our aim is to support you quickly and professionally in dealing with and resolving security incidents in the event of an emergency without further contractual negotiations. Together, we will work to counter active cyber attacks as quickly as possible, contain them and minimize the damage as much as possible.
REACT QUICKLY & PROFESSIONALLY. MINIMIZE DAMAGE.
mEDR
Managed ENDPOINT DETECTION & RESPONSE
Efficient detection of anomalies & rapid response to cyber attacks on your end devices
With Managed ENDPOINT DETECTION & RESPONSE, nicos monitors your company's end devices and detects anomalies and malicious actions in your systems. We establish response mechanisms to efficiently arm your company against cyber attacks.
Our cyber defense experts evaluate information (telemetry) 24/7 around the clock with the support of state-of-the-art systems and market-leading technologies to detect possible attacks. We build on your established EDR system and evaluate each individual system alarm in a semi-automated process.
To keep your IT operations running and your business processes optimally protected.
Incident Response: Every second counts.
The use of modern EDR systems accelerates the analysis of information and expands the analysis options during alarm processing. This enables our incident response team to react quickly to security incidents in your company and initiate comprehensive, customized measures.
Our aim: to react quickly and appropriately.
INCREASE YOUR SECURITY LEVEL. NOW.
mNDR (IDS/IPS)
Managed NETWORK DETECTION & RESPONSE
Network security & integrity of your data traffic
With the nicos Managed NETWORK DETECTION & RESPONSE (mNDR) service, we ensure that your network is monitored and that you can have full confidence in the integrity of your data traffic.
Modern intrusion detection systems (IDS) and intrusion prevention systems (IPS), which have proven themselves on the market, are used to secure your external peripherals and your internal network communication. These (firewall) systems detect threats, prevent cyber attacks and generate alerts.
nicos Cyber Defense experts evaluate these alerts with the support of modern technologies. This enables us to uncover the cause of the incident and develop efficient solutions to contain and resolve the security incident in your network.
With bundled expert know-how & state-of-the-art technologies for your secure network
The combination with nicos AG's Managed WAN and Managed Security Services creates important synergies. Our network, IT security and cyber defense specialists work hand in hand in the 24/7 Service & Security Operations Center (SOC). This means that all the necessary network, security and cyber defense expertise is directly available and the required specialists are quickly accessible. There is no need for time-consuming coordination between different providers. This expertise and the short coordination channels ensure the fastest possible identification of causes and solutions, particularly in the event of critical security incidents.
STRENGTHEN YOUR NETWORK SECURITY. NOW.
Expand your cyber security protection with additional detection and response measures based on email security
mPDR
Managed PHISHING DETECTION & RESPONSE
Efficient protection for your entire IT environment
Phishing emails are still one of the most common initial points of entry for cyber criminals into a company. Through awareness campaigns and training, users are usually fundamentally sensitized to the danger of phishing emails and how they can be recognized. These training courses have one thing in common: the user is instructed not to open suspicious emails and to report them to a central location.
The nicos mPDR service supports IT security in analyzing and responding to all emails declared as suspicious. In a secure environment, these emails are extracted, opened and examined for known indicators. Detected true positives can be used to delete similar emails from all mailboxes in the organization and to optimize the rules of the automated email filter or email gateway.
In addition, it is conceivable to use the recognized web URL of the phishing e-mail to alert or proactively block calls to this URL via the nicos Managed Network Detection & Response (mNDR) service.
Benefits of the nicos mPDR service
- True / false positive analysis of all marked emails and attachments
- Detailed examination of the malicious content including the linked targets and summary of a report
- Recommended action for dealing with the true-positive indicators
- Use of the detected patterns for further tuning of the detection mechanisms
Benefits for your company
- Minimize the number of phishing emails reaching end users
- Reduction of internal capacities for phishing analysis
- Reduction of ransomware attack vectors
- Strengthening the organization with phishing protection that analyses and proactively uses infection paths and patterns.
DO NOT GO ONLINE TO CYBER CRIMINALS.
Cyber criminals leave footprints. We track them down.
mSIEM
Managed SECURITY INFORMATION & EVENT MANAGEMENT
Efficient protection for your entire IT environment
With the nicos Managed SECURITY INFORMATION & EVENT MANAGEMENT (mSIEM) service you achieve state-of-the-art real-time monitoring, which has its strength in the correlation of different log sources as well as the detection of anomalies from the comparability with historical values.
We establish our detection mechanisms, which are kept permanently up to date, on the basis of endpoint, network and application log sources, among other things. These are stored, correlated and, if necessary, alerted for forensic investigations.
We process detected alarms and anomalies semi-automatically in the Cyber Defense Center (mCDC), which is available 24/7.
STAND UP TO CYBER CRIMINALS. NOW.
nicos CYBER DEFENSE CENTER (nCDC)
24 / 7 - always ready for you
Network security & integrity of your data traffic
Our international center of nicos cyber security experts with locations in Münster (Westphalia), Manila (Philippines) and Maroochydore (Australia) enables us to process security incidents promptly. These are increasing in line with the growing threat of hacker attacks and require a prompt response. However, the volume and complexity of security alerts are often overwhelming. In an emergency, however, every second counts when it comes to securing your company and your day-to-day business. Cyber attacks and anomalies in your company network must be detected early, analyzed and rectified immediately. Our cyber security specialists take care of this for you - around the clock, 7 days a week.
nicos offers a multi-level CDC, coupled with a SOAR platform (Security Orchestration, Automation and Response) for the automation and effective processing of alerts, from initial detection, classification and analysis, to the initiation of response measures and support for recovery actions.
Alarm processing is standardized with the help of runbooks, which are adapted between nicos and the customer during onboarding. A runbook defines analysis steps and response measures that are carried out in order to classify an alarm and react at an early stage if necessary.
With bundled expert know-how & state-of-the-art technologies for your secure network
The combination with nicos AG's Managed WAN and Managed Security Services creates important synergies. Our network, IT security and cyber defense specialists work hand in hand in the 24/7 Service & Security Operations Center (SOC). This means that all the necessary network, security and cyber defense expertise is directly available to everyone involved and the required specialists are quickly accessible. This expertise and the short coordination channels ensure the fastest possible identification of causes and solutions, particularly in the event of critical security incidents.
START YOUR SECURITY OPTIMIZATION NOW.
Do not become permeable
Do you have any questions about cyber security or are you interested in our services? Contact us, we will be happy to advise you.
