Managed Detection & Response Service for Enterprises

Our Swiss SOC offers comprehensive threat detection and quick response to protect your company's critical business assets and your reputation.

What is MDR?

MDR stands for Managed Detection and Response and is used to detect and react to threats to protect your company. MDR is a cybersecurity service provided 24/7 by a SOC or Cyber Defense Center and combines technologies with human expertise. "Managed" refers to the level of outsourcing to a security service provider.

Why do you need MDR?

Because it is your answer to risks and threats.
For 2025, the Swiss National Cyber Security Center (NCSC) reported nearly 65'000 incidents, which means 178 per day. While attack figures are rising, MDR helps you to address cyber risks proactively. Prompt detection and response to threats are critical elements. We accomplish this by monitoring your IT infrastructure and combining modern tools with our experts' knowledge.

The added value of MDR

  • MDR reduces cyber incidents through continuous monitoring and rapid threat detection.
  • By responding faster, the financial impact of an attack is minimized and your business continuity is ensured.
  • In case of staff shortage, you can rely on our experts with the fully managed solution. Stay flexible by adapting the level of service to your resources.
  • Cost-effective because you don't need to finance an internal SOC yourself to protect your company, and the yearly costs are easy to calculate.

Swiss Toolbox for Managed Detection & Response

With all our MDR services (provided by our Swiss SOC) you benefit from a toolbox for core protection, a proven selection of functions to ensure your security. Depending on your needs, features can be customized if you are looking for different alerting options or various SLA settings.

Threat Detection

Immediate benefit from day one without burdening your internal staff resources. We reduce your risk exposure and alert promptly.

Vulnerability Scanning

External scanning is included in the Essential package, offering risk-based prioritization and a scalable architecture.

Remediation

Fully automated by SOAR as a service, including host isolation and multi-factor authentication reset.

Threat Intelligence

Automated feeds providing real-time data for information on threats and indicators of compromise.

Use Cases Catalogue

We develop our own use cases based on Splunk, Microsoft Sentinel and Elastic, and we know how they work from A to Z.

Digital Risk Monitoring

Monitoring your footprint and dark web presence as a self-service identifies leaked information about your company.

Support

Our alerts include remediation recommendations from our Swiss engineers, dedicated to each use case.

Data Sources

For better transparency, we use log collectors for different sources such as identity providers, EDR, IDS, honeypots and more.

Our Security Sensors

Sensors provide visibility into your network. A modular solution for IDS, log collection, honeypots and vulnerability scans.

Honeypot Canaries Sandbox

We make an attacker's approach visible before real damage occurs. Sandbox is an integrated feature of our Customer Portal.

Reporting

Automated monthly reports available via Customer Portal. A yearly Threat Intelligence Report can be shared with your stakeholders.

Customer Portal

Our Customer Portal grants you individual access to all needed tools like alerts, use cases, monitoring, sandboxes or reporting.

Our Services: Managed Detection & Response Packages for different needs

Our Cyber Defense Center offers pre-defined packages for a quick project start. All packages include the MDR toolbox.
Different companies have different security requirements depending on:

  • the size of their organization

  • the availability of skilled staff

  • the desired level of security

  • compliance or other regulations they need to obey (e.g. NIS2)

Our MDR Packages grow with your business requirements

If your business grows or your geographic reach expands, your IT will become more complex and you will need to fulfill even more guidelines (GRC). Our MDR packages grow with your IT infrastructure and are easy to adjust to new needs.

MDR Essential (XDR)

Best for small organizations with 1 to 2 Security FTE.

  • Fully managed by Swiss Post Cybersecurity.

  • Designed for fundamental cybersecurity protection.

  • Includes the complete MDR toolbox.
  • Cost-effective solution for smaller budgets.
  • No in-house skills required. You benefit from our security professionals.

MDR Advanced (SIEM)

Best for medium organizations with 3 to 5 Security FTE.

  • Includes all features of the MDR Essential.

  • For a wider range of challenges and more complex IT infrastructure.

  • Additional data sources, use cases & playbooks.

  • Internal Vulnerability Scanning included.

  • Steering meetings, workshops & additional support credits.

  • Better response time with expert guidance.

MDR Premium (Extended SIEM)

Best for large organizations with 6+ Security FTE.

  • Co-managed by customer & our team.

  • Includes all features of MDR Advanced.

  • Ultimate protection for enterprise-level security.

  • Enhanced Service Level Agreement for rapid Incident Response.

  • Dedicated Customer Success Manager.

  • CSIRT 7x24 and personalized support.

Our MDR Processes - How our SOC works

Our MDR Services are provided by our Swiss SOC based in Aarau and Morges. 

If you are looking for ultimate resilience and confidence in your cybersecurity posture, our MDR Packages will support you in achieving your goal. We offer comprehensive protection, defense against even advanced threats and quick response.

Get in touch with us

Is your organization exposed to risks?
Get in touch with us today to protect your business against cyber threats.

Let's plan the next steps together

FAQ

Here you will find answers to frequently asked questions about MDR (Managed Detection & Response).

Which technologies are used for MDR?

MDR uses many different technologies to protect your IT infrastructure, such as IDS, SIEM, log correlation and EDR/XDR, but also Vulnerability Scanning, Threat Intelligence and SOAR. Contact us to receive a complete list.

Can I use MDR without having my own security team?

Yes, you can. MDR is available for different levels of outsourcing. Depending on knowledge and staff, you can decide which level you need and adapt it over time.

  • Fully managed means that we provide (nearly) everything for your organization.

  • Co-managed means that tasks are shared between your company and our security professionals. 

What is the difference between MDR and traditional monitoring?

  • Pure security monitoring normally ends as soon as a threat has been detected and the alert has been created.

  • MDR is much more proactive and includes investigations and human experts taking immediate action if needed. MDR also uses modern technology like AI to mitigate the cyber attack.

Which platforms are supported?

We can collect logs from almost any platform. Our collectors can read formats such as syslog, flat files and e-mails, among others. Supported platforms include, among others:

  • Operating systems: Windows, Linux, Sun, ...
  • Security devices: Firewall, proxies, sandboxing solutions, IPS, ...
  • Endpoint solutions: Antivirus, HIPS
  • Network equipment: switches, routers, ...

Where is our data stored?

Our solutions - in particular our Cyber Defense Center - are developed, operated and provided entirely in Switzerland, where the data is stored.