Skip to content
EN
Cyber Defense Center Cyber Defense Center Cyber Defense Center

Cyber Defense Center

Comprehensive threat detection and defense to protect your company's critical business assets and reputation.

Arrange a briefing

Always vigilant for your safety

Cyber threats are the top business risk for CEOs and board members according to the World Economic Form 2025, with potential impact on finances, reputation and operational capability. We respond with effective measures. Our Cyber Defense Center continuously monitors your IT systems in order to detect, analyze, and respond to cybersecurity threats and incidents.

The added value for your company

3035 3035
Strategic solution: We provide continuous threat monitoring and response according to the NIST framework, developed and operated in Switzerland, with measurable results for your risk profile.
3035 3035
Business value: Reduce cyber incidents by up to 73%, reduce detection time by 82% and minimize financial impact by responding faster to threats.
3035 3035
Strategic advantage: While you focus on your core business, we protect your digital assets with a holistic approach that offers you security and compliance without burdening your internal resources.

Quicklinks

Anchor: our-competencies

Holistic safety approach according to the NIST 2.0 framework

Our Cyber Defense Center uses the internationally recognized NIST 2.0 cybersecurity framework to ensure comprehensive protection of your critical business assets.

Anchor: solutions-cdc-govern

Govern

We establish effective governance structures that align your cybersecurity initiatives with your business objectives and provide a clear overview of your security posture.

Flexible tab(Tab id: widget_1742265711726)
    To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
    Anchor: cdc-risk-evaluation
    , Tab enable
    (Tab id: widget_1742265711726; Tab name: Risk Evaluation)

    Risk evaluation

    We analyze your company's security situation to identify gaps and assess their impact on critical assets. In this step, the focus is on improving security so that the available resources can be used efficiently to reduce the greatest risks.

    Anchor: solutions-cdc-identify

    Identify

    We identify and analyze threats and vulnerabilities in your digital infrastructure and assess their potential impact on your business.

    Flexible tab(Tab id: widget_1742266457906)
      To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
      , Tab enable
      (Tab id: widget_1742266457906; Tab name: SIEM)

      SIEM

      Our SIEM (Security Information and Event Management) solution provides you and our analysts with a comprehensive overview of all security-relevant information.

      Our SIEM detection framework combines our specialists' experience with information from all of your organisation's security systems. This allows us to recognise threats selectively and understand the overall context. We can then specifically recognise attacks, stop them, and help you recover.

      , Tab enable
      (Tab id: widget_1742266457906; Tab name: Vulnerability Scanning)

      Vulnerability Scanning

      Our strategic vulnerability scanning approach goes far beyond technical vulnerability detection and instead quantifies your vulnerabilities by business impact, allowing you to prioritize resources and investments based on concrete business risk.

      Features & Benefits
      3035 3035
      Centralized management and configuration for agents
      3035 3035
      Network and agent based scanning
      3035 3035
      Authenticated scanning
      3035 3035
      Onprem, cloud or hybrid deployment
      3035 3035
      Integration with SIEM & Use Cases to verify your Vulnerability Management process
      3035 3035
      Integration with ITSM systems
      3035 3035
      Different risk based prioritization
      3035 3035
      Customizable dashboards and reports
      3035 3035
      Scalable architecture
      3035 3035
      Several options to address IoT and OT environments, incl. critical infrastructue

      Get in touch with us

      Is your business inadequately protected?
      Get in touch with us today to protect your business against cyber threats.

      Anchor: solutions-cdc-protect

      Protect

      We implement and monitor proactive protection measures that protect your critical systems, data and business processes from known and emerging threats.

      Flexible tab(Tab id: widget_1742267606439)
        To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
        , Tab enable
        (Tab id: widget_1742267606439; Tab name: Managed EDR)

        Managed EDR

        Our Managed Endpoint Detection and Response (EDR) service enables fast and comprehensive detection of cyber attacks. It provides our Cyber Defence Center specialists with all the relevant information and resources to successfully combat attacks. By using automation, we can react within seconds instead of hours and help to stop attacks immediately.

        Anchor: solutions-cdc-detect

        Detect

        We monitor your IT environment around the clock and detect security incidents in real time before they can lead to serious business damage.

        Flexible tab(Tab id: widget_1742269320511)
          To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
          , Tab enable
          (Tab id: widget_1742269320511; Tab name: SIEM)

          SIEM

          Our SIEM (Security Information and Event Management) solution provides you and our analysts with a comprehensive overview of all security-relevant information.

          Our SIEM detection framework combines our specialists' experience with information from all of your organisation's security systems. This allows us to recognise threats selectively and understand the overall context. We can then specifically recognise attacks, stop them, and help you recover.

          , Tab enable
          (Tab id: widget_1742269320511; Tab name: Managed EDR)

          Managed EDR

          Our Managed Endpoint Detection and Response (EDR) service enables fast and comprehensive detection of cyber attacks. It provides our Cyber Defence Center specialists with all the relevant information and resources to successfully combat attacks. By using automation, we can react within seconds instead of hours and help to stop attacks immediately.

          , Tab enable
          (Tab id: widget_1742269320511; Tab name: Sandbox, Honeypot, Canaries)

          Sandbox, Honeypot, Canaries

          Early warning systems for hidden cyber threats: Modern cyber attacks are often difficult to detect as they cleverly circumvent conventional security measures. With sandboxing, honeypots and canaries, we rely on intelligent early warning systems that deceive attackers and make their approach visible before they can cause any real damage.

          3035 3035
          Sandboxing analyzes suspicious files in an isolated environment to detect malicious behavior before it reaches your system
          3035 3035
          Honeypots specifically attract attackers and provide valuable insights into their methods and vulnerabilities
          3035 3035
          Canaries are decoy files or systems that immediately report unauthorized access and thus raise the alarm at an early stage
          , Tab enable
          (Tab id: widget_1742269320511; Tab name: Use Case Implementation)

          Use Case Implementation

          Every company has unique business processes and individual security requirements. The use case implementation includes a range of applicable use cases for Splunk and Microsoft Sentinel, as well as our use case management app. This means that we provide a standard set of use cases, enabling you to benefit from the service right from the start. Coverage is continuously improved and expanded during operation. With the help of the Use Case Management App, we can identify the required log sources and determine the applicable use cases with the existing information sources.

          Whether proactive threat detection, automated response measures or the optimization of existing security architectures- we ensure that your cyber defence not only meets current standards, but is also prepared for future threats in the long term. This keeps your company resilient to cyber attacks without limiting your business agility.

          Get in touch with us

          Is your business inadequately protected?
          Get in touch with us today to protect your business against cyber threats.

          Anchor: solutions-cdc-respond

          Respond

          Our specialized Incident Response Team responds immediately to security incidents to limit damage, eliminate attackers and minimize business disruption.

          Icon-CSIRT Icon-CSIRT

          CSIRT

          Our Computer Security Incident Response Team (CSIRT) acts as a strategic crisis partner at management level, focusing not only on technical recovery in the event of a security incident, but above all on business continuity and reputation protection.

          Learn more
          Flexible tab(Tab id: widget_1742270063057)
            To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
            , Tab enable
            (Tab id: widget_1742270063057; Tab name: Managed EDR)

            Managed EDR

            Our Managed Endpoint Detection and Response (EDR) service enables fast and comprehensive detection of cyber attacks. It provides our Cyber Defence Center specialists with all the relevant information and resources to successfully combat attacks. By using automation, we can react within seconds instead of hours and help to stop attacks immediately.

            Anchor: solutions-cdc-recover

            Recover

            We support you in quickly restoring normal business processes after security incidents and implement measures to prevent similar incidents in the future.

            Icon-CSIRT Icon-CSIRT

            CSIRT

            Our Computer Security Incident Response Team (CSIRT) acts as a strategic crisis partner at management level, focusing not only on technical recovery in the event of a security incident, but above all on business continuity and reputation protection.

            Learn more
            Flexible tab(Tab id: widget_1742474368299)
              To utilize this module, drag and drop the "Grid options" to the desired section you want to transform into a tab content. Then, add the tab ID. For step-by-step instructions, please refer to: https://zeroheight.com/75eebd230/p/77144b-tab/b/9773fa.
              , Tab enable
              (Tab id: widget_1742474368299; Tab name: Managed EDR)

              Managed EDR

              Our Managed Endpoint Detection and Response (EDR) service enables fast and comprehensive detection of cyber attacks. It provides our Cyber Defence Center specialists with all the relevant information and resources to successfully combat attacks. By using automation, we can react within seconds instead of hours and help to stop attacks immediately.

              Anchor: faq-solutions-cdc

              FAQ / Best Practices

              Here you will find answers to frequently asked questions about the Cyber Defense Center.
              How does a Cyber Defense Center differ from conventional security solutions?

              In contrast to conventional point security solutions, a Cyber Defense Center offers a holistic, proactive approach to threat detection and defense. It combines state-of-the-art technologies, specialized experts and tailored processes in an integrated model that continuously monitors your entire digital landscape.

              What specific added value does the Cyber Defense Center offer our company?

              The added value manifests itself in three key areas: Risk reduction through early threat detection and defense, cost savings compared to in-house solutions or data breaches, and strategic benefits through improved decision making, regulatory compliance and accelerated digital innovation.

              How will the Cyber Defense Center be integrated into our existing IT infrastructure?

              Integration is seamless and non-invasive via secure connectors that communicate with your existing security systems. We follow a structured implementation plan that takes into account your specific IT landscape, security requirements and business priorities without disrupting ongoing operations.

              How does the Cyber Defense Center help with compliance with regulatory requirements?

              Our CDC is designed to support compliance with key regulations such as GDPR, DPA, NIS2, FINMA requirements and industry-specific standards. It provides comprehensive evidence of security measures, automated compliance reports and continuous monitoring of regulatory requirements.

              Which platforms are supported?

              We can collect logs from almost any platform. Our collectors can read the following formats, among others: syslog, flat files, e-mails, etc.

              This includes, among others:

              • Operating systems: Windows, Linux, Sun, ...
              • Security devices: Firewall, proxies, sandboxing solutions, IPS, ...
              • Endpoint solutions: Antivirus, HIPS
              • Network equipment: switches, routers, ...
              Where is our data stored?

              Our solutions - in particular our Cyber Defense Center - are developed, operated and provided entirely in Switzerland where data are stored.

              Anchor: cdc-get-in-touch

              Let's plan the next steps together

              Get in touch with us

              Cyber Blog

              On the Cyber Blog you will find the current insights, expert articles, and practical tips on the latest cyber threats and security solutions to enhance your company's digital security.

              Go to the Blog
              Do my new use cases keep their promise?
              Do my new use cases keep their promise?
              Use Case Testing Preparation The first step is to analyze which types of logs exist and which could be used to detect the suspicious behavior. How is...
              Read more
              Pay more attention to your vulnerability management
              Pay more attention to your vulnerability management
              Vulnerability versus configuration management Nowadays, IT professionals are inundated with reports of vulnerabilities. In most cases, these are...
              Read more
              Unexpected benefits when setting up a SIEM
              Unexpected benefits when setting up a SIEM
              Definition: What is a SIEM? SIEM stands for Security Information and Event Management System. Before we look at the additional benefits of an SIEM,...
              Read more
              5 Steps to Cybersecurity Risk Assessment
              5 Steps to Cybersecurity Risk Assessment
              Below are 5 basic steps for #cyber #riskassessment of an organization:
              Read more
              Swiss Post Cybersecurity @ ElasticON 2024 in Munich
              Swiss Post Cybersecurity @ ElasticON 2024 in Munich
              The event took place in the Motorworld, at Munich, the 14th of November 2024. Even if you are not an absolute fan of motor sports, or even nice cars,...
              Read more
              Swiss Post Cybersecurity@ DEF CON 32 in Las Vegas
              Swiss Post Cybersecurity@ DEF CON 32 in Las Vegas
              Navigating the Broad Landscape of Cybersecurity in Nevada DEFCON32 offers something for everyone in cybersecurity, from hands-on workshops and CTF...
              Read more
              Hacknowledge’s Journey to Splunk EMEA BOTS 2024
              Hacknowledge’s Journey to Splunk EMEA BOTS 2024
              Two Swiss Post Cybersecurity (formerly known as Hacknowledge) teams travelled from Morges to Zurich to represent the company at Splunk EMEA BOTS...
              Read more
              What a week for the Analytics Team! (and it was only Wednesday)
              What a week for the Analytics Team! (and it was only Wednesday)
              The team was invited to the Splunk Partner Tech Day in Splunk’s premises in Zurich where amazing tech talks were given by @Alex Piger and others:
              Read more
              Splunk Cloud: A (Hopefully) Comprehensive and Technical Review
              Splunk Cloud: A (Hopefully) Comprehensive and Technical Review
              Disclaimer These are key points on the difference and benefits/drawbacks from its author’s perspective and this do not reflect the opinion of...
              Read more
              Hacknowledge attend the ElasticON 2022
              Hacknowledge attend the ElasticON 2022
              To be a bit more specific, the new language to come, called ESQL (standing for Elasticsearch Query Language), will have the ambitious goal to unify...
              Read more

              Other solutions that might interest you

              Incident bell icon

              Immediate reaction

              Do you need immediate reaction in front of a Cyber attack? Just call us.
              +41 21 519 05 01

              Our support team is available Monday to Friday, 8:00 AM to 6:00 PM. Customers with an active SLA benefit from 24/7 access. 

              Please note: We exclusively support companies and organizations — private individuals are kindly asked to contact their service provider or the local authorities.