The Client currently uses an Endpoint Detection & Response (EDR) service, delivered through Microsoft Defender for Endpoint Plan 2, across a large part of the environment. With this service, the endpoints (laptops and part of the servers) are monitored 24/7 for suspicious behavior, and the Client receives notifications when possible incidents occur. The Client wants to establish a complete security monitoring service, for which this tender has been issued.
The Client wants to expand the monitoring activities to network and application monitoring, that is, security monitoring across its full breadth. With the help of an Intelligent Detection & Response (IDR) system, the business-critical IT infrastructure of the Municipality must be actively protected 24/7 by a Security Operations Center (SOC).
A lot for SOC/SIEM and forensic services

Service and consultancy hours