HYBRID/CLOUD – ON PREMISE

SOC-in-a-Box:

The ideal Solution for your IT Security

SOC-in-a-Box: Your modular security operations center that combines hardware, software, and service in one flexible package. Developed by our experts at doIT solutions, this complete solution offers comprehensive protection for your IT infrastructure - no matter how large or complex your requirements are.


Modular & Scalable

SOC-in-a-Box stands out for its modular design, which allows you to combine almost all services. Whether you choose the Enterprise version for maximum flexibility or the all-round, worry-free Foundation version, you get exactly the protection your company needs. Our solution scales with your requirements and offers 24/7 incident response to detect and mitigate threats in real time.

Active Protection & Optimization

Our solution goes beyond mere monitoring. doIT's team of experts proactively responds to detected anomalies and offers customized optimizations and settings that continuously improve your IT security. Whether it's suspicious activity on endpoints, in running services, or in data traffic, SOC-in-a-Box ensures that you are protected at all times.


Comprehensive SOC Visibility Triad

The combination of NDR, EDR, and SIEM provides you with a 360° view of your network. With SOC-in-a-Box, you are well equipped not only to respond to the KRITIS regulation and the NIS-2 directive, but also to protect your entire infrastructure in no time.

Use of modern Software

We only use reliable industry-standard solutions, which means you benefit from the best the security industry has to offer. This enables easy migration to and from our SOC-in-a-Box (SIAB) service as well as seamless integration with third-party products.


Continuous Security Consultation

Our service includes regular security workshops by security consultants to train your employees and continuously optimize your security strategy. In this way, we guarantee constant development of corporate security and ensure that you are always one step ahead of current threats.

Cybersecurity-as-a-Service (CSaaS)

Our CSaaS offers you comprehensive protection directly on site, including 24/7 incident response and continuous development through regular workshops. Thanks to alert engineering, we optimize your security alerts to prevent "alert fatigue". Scalable according to log volume, our SOC-in-a-Box stores your data securely for at least 365 days and gives you full access to your data at any time.

Not in the Mood for Small Talk?

Benefit from doIT's Cyber Security Experts' Know-how

Just getting started, or already have concrete ideas? We are here to help you!
If you have already identified a specific topic in the area of cyber security, feel free to arrange an IT security deep dive with us, where we can go into more detail together. If you don't yet have a concrete idea of how to set up your IT security, we are also happy to give you some advice. Arrange your appointment now and protect your company from cyber attacks!



Compliance made easy

With our SOC-in-a-Box, fulfilling compliance regulations becomes hassle-free. We help you meet all regulatory requirements and keep your IT infrastructure audit-ready at all times. Trust in our expertise to minimize your compliance risks.

Secure OT Infrastructure

We offer comprehensive concepts to detect attackers in your OT infrastructure at an early stage and locate them precisely, whether on switching systems, in the cloud or directly on operational devices. Our security solutions ensure the protection of all critical components that modern companies rely on today.



Comprehensive Protection for your IT Infrastructure

SOC-in-a-Box is the ideal solution that defends your IT security against unwanted attacks and malware. Protect your infrastructure with the world's only combination of hardware, software and service - at a fixed price and tailored to your needs.


SOC-in-a-Box – modular and flexible

General

| Feature | Foundation | Enterprise |
| --- | --- | --- |
| Deployment Type: On-prem | YES | YES |
| Deployment Type: Cloud / Hybrid | YES | YES |
| Multidatacenter Deployment | NO | optional |
| Reporting | standard | custom |
| Alerting | service portal & e-mail | service portal & e-mail |
| Ticket System Integration | NO | YES |
| SOAR enhanced Security | YES | YES |
| 24/7 Level 1 + 10/5 Level 2 | YES | YES |
| 24/7 Level 2 add-on | optional | optional |
| Level 1 maximum response time | 30 min. | 30 min. |
| Level 2 maximum response time | 4 h | 2 h |
| SOC service from Germany | YES | YES |
| Actionable recommendations for incidents | YES | YES |
| Security Consulting (on-demand) | 48h max response time | 4h max response time |
| Included Security Workshops per year | 1 | 2 |
| Additional Security Workshops (on-demand) | YES | YES |
| Indicator Enrichment | YES | YES |
| doIT Threat Intelligence Service | optional | optional |
| Customer Access to SOC instance (SIEM, EDR, NDR) | YES | YES |
| Access to SOAR Tenant | NO | optional |

EDR

| Feature | Foundation | Enterprise |
| --- | --- | --- |
| Max Capacity (End points) | 1500 | 4000 + |
| Agent Monitoring | YES | YES |
| Response Workflows | standard | custom |

NDR

| Feature | Foundation | Enterprise |
| --- | --- | --- |
| Max Capacity (Gbit/s) | 3 | 10 + |
| Dataflow Monitoring | YES | YES |
| Response Workflows | standard | custom |
| Usecase Deployment | standard | custom |
| IDS (Intrusion/Detection) | YES | YES |

SIEM

| Feature | Foundation | Enterprise |
| --- | --- | --- |
| Log management | YES | YES |
| Max Capacity (GB/day) | 150 | 400 + |
| Data Source Monitoring | YES | YES |
| Response Workflows | standard | custom |
| Usecase Deployment | standard | custom |
| Datasources for Usecases | standard | custom |

Infrastructure

| Feature | Foundation | Enterprise |
| --- | --- | --- |
| Minimum Log Volume Size | 50 GB / day | 100 GB / day |
| SOCaaS for customer owned tools | NO | YES |