IT security solutions

Security Operation Center (SOC)

At the core of an SOC are an >SIEM (Security Information und Event Management) and a >Risk Management Tool. By connecting these two solutions, your company is secured against both internal and external attacks.

We advise you on the integration of existing systems and processes. A needs-based design for your company enables us to keep track of costs and benefits for the launch and >operation of an SOC.

>SOC Services from Consist

Security Information and Event Management (SIEM)

An SIEM is the central element of a precise security architecture. It unites two essential aspects of data security: security information management and event management.

That’s why good SIEM solutions not only concentrate on managing log data, but can also gather, index, and analyze event data in real time. This makes forecasts on future incidents possible so that data loss or failures don’t even occur.

The German Federal Office for Information Security (BSI) therefore expressly recommends, in particular, that KRITIS companies set up an attack detection system that continuously performs automated recording and evaluation of ongoing operations in its orientation guide for the implementation of attack detection systems.

Consist uses the market-leading SIEM solution Splunk. For the tenth year in a row, the renowned market research institute >Gartner Inc. has attributed this security platform with particularly good solution competence.

Our highly qualified certified specialists advise you on designing the SIEM to suit your company and perform the implementation.

Solution: >Splunk, >Splunk Enterprise Security

We are happy to support you with the maintenance and upkeep of the SIEM through seamless transition to our managed services. Select a select a service package that suits your company or take the strain off your IT department entirely.

>SIEM-Services from Consist, >Information leaflet

Security Orchestration, Automation and Response (SOAR)

Once a company reaches a certain size, it makes sense to increase automation of security incident processing. Aside from the fact that analysts are significantly unburdened of recurring tasks, this increases response times to events many times over.

The SOAR platform combines security infrastructure orchestration, playbook automation, and case management functions in order to more effectively link IT teams, processes and tools with one another. This can drastically scale security incidents.

Solution: >Splunk Phantom

Endpoint Detection and Response - EDR - XDR

Endpoint Detection and Response (EDR) provides ideal protection for endpoints. They monitor all activities on end devices, analyse them and trigger alarms in the event of suspicious actions.

Extended Endpoint Detection and Response (XDR) is based on the classic EDR approach, but goes one step further and includes not only end devices such as laptops, desktops or servers in the monitoring, but also network, cloud and email security. This makes it better suited to the increasing complexity of IT infrastructures and is also very scalable for both smaller and larger companies.

Even sophisticated threats can be detected and automated responses can be initiated from a centralised console.

Consist uses the market-leading solution > Crowdstrike for this purpose.

Endpoint Management

Efficient endpoint management with the necessary security measures can only be carried out if there is a view of all assets in the company. Tanium enables continuous asset and patch management of all endpoints in the company. Consist is the first accredited Managed Security Service Provider for Tanium in the DACH region.

Solution: > Tanium

Individual solutions no longer do justice to the complexity of today's e-mail attacks. With its technology partner Proofpoint, Consist implements a holistic, user-centered response to tactics and gateways of attack vector number 1.

Solution: >Proofpoint

The biggest cyber security threat companies are facing today is no longer a malicious outside attacker. It’s insiders – employees or external service providers with access to company data. With UBA, suspicious and unusual user behavior can be identified for further analysis. What user behavior management does is to separate their normal activities in the company from irregular activities.

For larger companies, it makes sense to employ machine learning algorithms. They provide reliable results with risk analyses and relevant evidence that complements and accelerates the conventional approaches by analysts in Security Operations Centers (SOC).

Our specialists implement and maintain the right solution for your company.

Solution: >Splunk UBA, >ObserveIT|Proofpoint ITM, >Ekran System

Faced with the growing complexity of insider threats, it’s not enough to concentrate solely on protecting data on machines and networks. It is becoming ever more important to incorporate endpoint management through monitoring tools, which protects even privileged users against operating errors and improper behavior. Thanks to pseudonymized data analyses, employee rights and current legal requirements can be taken into account. Compliance requirements should be handled with traceable inspection paths.

In view of the exponential growth of unstructured and semi-structured data, companies often struggle with data-heavy DLP agents at the endpoint, a time-consuming data classification process, ongoing maintenance, and the disruption of the connection between data owners and DLP administrators.

As such, modern DLP approaches are needed which work in harmony with employee rights while staying comprehensive and keeping data levels low. With ObserveIT|Proofpoint ITM, Consist uses a solution that detects insider threats, rationalizes the investigation process, and implements flexible prevention measures.

Solution: >ObserveIT|Proofpoint ITM

Over 80% of all cyber security incidents occur as a result of human error. Companies lose millions in recovering incidents caused by employees. Classic training programs are often unable to convey the required changes in behavior to employees and provide the necessary motivation. With Proofpoint Security Awareness Training (PSAT) we offer a modern and up-to-date way of training employees at all levels of the company.

Solution: >Proofpoint PSAT