Managed Security Services for Microsoft Defender for Endpoint DACH: 12 Mon Implementation

Initial situation and requirements The rapid growth of digitization is also placing ever-increasing demands on security. While employees are becoming increasingly mobile (e.g. home office), applications and data are shifting more and more to the cloud. Zero trust represents a key approach to meeting these challenges. As a result, the endpoint is increasingly becoming the focus of cyberattacks. In addition, cyberattacks are becoming increasingly sophisticated. To evade traditional antivirus solutions, attackers are using more and more complex malware and attack methods. With Advanced Persistent Threat (APT) attacks, attacks now span multiple endpoints and over a longer period of time, and they don't always rely on malware either. These attacks are very difficult to prevent with traditional endpoint protection solutions and, without a Security Operation Center (SOC), are usually detected too late. With the Managed Security Services for Microsoft Defender for Endpoint (MSS MDE), Telekom offers a modern and comprehensive solution that seamlessly integrates the customer's own Microsoft Defender for Endpoint solution to detect and respond promptly to even complex and manual attacks such as APTs. Our highly professional Security Operation Center performs continuous analysis of suspicious cases and initiates appropriate responses to security incidents. By combining state-of-the-art threat hunting processes with Microsoft Defender for Endpoint installed at the endpoint, the SOC can independently perform a very accurate analysis of what is actually happening at the endpoint and also initiate coordinated countermeasures. The Managed Security Services for Microsoft Defender for Endpoint offers organizations a cost-effective way to take their endpoint security to the next level.

Scope of the service With Managed Security Services for Microsoft Defender for Endpoint, Telekom offers protection against cyberattacks via endpoints based on state-of-the-art technologies. The Managed Security Services for Microsoft Defender for Endpoint comprises the following components:

• Consulting and setup of Microsoft Defender for Endpoints according to customer needs.
• Management of the customer-provided Microsoft Defender for Endpoint - a combined Endpoint Protection and Endpoint Detection & Response solution - subsequently also referred to as Endpoint solution.
• Operation of a Telekom Security Operation Center with security analysts for the evaluation of the customer's alerts, a review process and threat hunting processes, as well as the ability to independently take immediate action on critical security incidents.
• Weekly reports with a summary overview of the current security status.
• Monthly review meetings on the current security status and coordination of recommendations for action.
• Support in case of crisis, around the clock.   Your benefits The customer benefits from:
• the use of state-of-the-art technologies to detect, analyze, and defend against cyberattacks that occur through endpoints;
• the high quality of analysis of security incidents and 24x7 monitoring by the Telekom Cyber Defense & Security Operation Center (SOC);
• the initiation of countermeasures to ward off particularly time-critical attacks, such as ransomware attacks;
• the transparency and visibility of potential threats and risks in its own network and the resulting possible proactive improvement of its security position;
• the strong partnership with a large established SOC, especially from the weekly meetings with the experienced security analysts where the current security status of the customer environment is discussed.

Pricing is monthly.