Security Monitoring

Your partner for the implementation of security monitoring:

Security monitoring enables companies to detect cyberattacks on their infrastructure in good time and initiate protective measures. Our range of services helps you to continuously monitor your network infrastructure, detect threats and cyberattacks at an early stage and respond quickly.

Our range of services:

1. Analysis & evaluation:

  • Security monitoring check: We analyze your existing network infrastructure and advise you on the introduction of security monitoring.
  • Gap analysis: We compare your current monitoring solutions with best practices and identify any need for action.
  • Security requirements: We work with you to define security requirements for security monitoring, taking into account the latest guidelines such as NIS-2 or the BSI recommendation for monitoring and anomaly detection in production networks.

2. Realization & implementation:

  • Attack detection in network communication: We support you in the selection and implementation of suitable security monitoring tools for attack detection in network communication.
  • Attack detection in log data: Components in the network infrastructure generate log data; analyzing this data also makes it possible to identify attacks on the affected component.
  • SIEM integration: We implement interfaces that link the deployed solution to a higher-level Security Information and Event Management (SIEM) system, which centrally manages and monitors security events.

3. Enhancement & optimization:

  • Integration of ML & AI: We implement customized machine learning and artificial intelligence approaches to enable advanced anomaly detection with automated recommendations for action.
  • Alarm management: We support the configuration of security monitoring solutions, e.g. informing an employee in the event of a security incident or reducing false positive alarms.
  • Reporting: We enhance solutions with individualized security reports that help you keep track of your security situation.

4. Incident response & support:

  • Response plans: We help you develop a contingency plan for rapid response to security incidents.
  • Training & awareness: We train your employees in the use of security monitoring solutions and in responding to security incidents, and we raise awareness of threats and relevant guidelines and standards.
  • Incident support: Our team is on hand to help you analyze and deal with security incidents.

Our team:

We have an experienced team of IT security experts with extensive knowledge in the field of security monitoring. We work closely with you to develop customized solutions for your individual needs.

Contact us for a no-obligation consultation!

References:

  • BMBF HAIP - Hybrid AI Intrusion Prevention for Industrial Control Systems
  • BMBF SILK - Evaluation of security incidents through AI-based text mining
  • BSI Project 507 - “Artificial intelligence” to improve the cyber security of industrial control networks (AI in ICS networks)

Publications:

  • Specht, Felix; Otto, Jens: Efficient Machine Learning-based Security Monitoring and Cyberattack Classification of Encrypted Network Traffic in Industrial Control Systems. In: IEEE 29th International Conference on Emerging Technologies and Factory Automation (ETFA), Sep. 2024
  • Otto, Jens; Grüttemeier, Niels; Specht, Felix: Security Decisions for Cyber-physical Systems based on Solving Critical Node Problems with Vulnerable Nodes. In: AAAI-Workshop on AI Planning for Cyber-Physical Systems (CAIPI’24), Vancouver, Canada, February 2024
  • Specht, Felix; Otto, Jens; Ratz, Daniel: Generation of Synthetic Data to Improve Security Monitoring for Cyber-Physical Production Systems. In: 2023 IEEE 21st International Conference on Industrial Informatics (INDIN), Lemgo, Germany, July 2023
  • Specht, Felix; Otto, Jens; Eickmeyer, Jens: Cyberattack Impact Reduction using Software-Defined Networking for Cyber-Physical Production Systems. In: 20th IEEE International Conference on Industrial Informatics (INDIN), Jul 2022.