Client
The IT system house CTL Computertechnik Lang was founded in 1983 by Michael Lang. Today his son Joachim Lang manages the family business as the second-generation owner and employs around 70 people. CTL offers its customers the full range of IT services: from customized Windows server and client solutions running on VMware clusters to Internet services such as e-mail hosting, spam filtering and general housing and hosting of infrastructure (IaaS). In addition, the company has for years operated as an Internet provider at its location in Böhmenkirch and in the surrounding villages, using point-to-point (directional) radio links. The long-standing customer relationships are strengthened not least by system maintenance agreements that include comprehensive network monitoring, patch management and other services such as the creation and maintenance of IT emergency plans.
Challenge
Small and medium-sized enterprises (SMEs), which often have limited budgets and staff, find it hard to protect themselves continuously and effectively against the current wave of cybercrime. Complex IT infrastructure, security vulnerabilities (especially zero-day exploits) and, at the same time, increasingly targeted, long-planned cyberattacks are challenging corporate security teams. It is therefore no longer enough to block attacks; attack patterns in the network must be detected early enough that attackers are denied the chance to remain undetected in systems for months. CTL was looking for such a "cyber threat hunting" solution for one of its customers in order to add the necessary extra layer of security in this area. The approach: extend the open source tools already in use with an effective tool for proactive early attack detection. The challenge: neither the customer company nor CTL itself had the personnel to guarantee the desired complete 24/7 monitoring. The search was therefore on for a full-service "managed detection and response" (MDR) solution.
Solution
During the research, CTL management "had no way around the Active Cyber Defense (ACD) service from Allgeier secion". ACD, a "Managed Detection and Response" (MDR) solution, analyzes the network proactively and continuously for anomalies and detects possible attacker communication with command-and-control servers (C2/C&C). The fully managed security service does not tie up CTL's own personnel. In the event of anomalies and the associated need for action, the ACD team immediately provides a complete picture of the situation.
ACD is installed on-premises and includes the monitoring of all systems in a network, regardless of their operating system, device type or logging capabilities. This also applies to IoT, ICS, OT, BYOD and third-party devices, since detection works on network traffic rather than on agents or logs from the endpoints.
Result
With the help of the ACD service, CTL Computertechnik Lang has "bought a good bit more security for its customer and also a much better feeling, especially at night". Thanks to the 24/7 managed service, the customer's network is now monitored continuously around the clock. If anomalies and suspicious attack patterns or activities are detected, Allgeier secion's IT security consultants inform the customer immediately so that countermeasures can be initiated without delay and damage averted. Joachim Lang is so convinced of the advantages offered by ACD that CTL is now an ACD customer itself, for effective protection of its own network.

"We always convey to our customers: 'It's not a question of whether you have to withstand a hacker attack, but only when.' Because the fact is that pure protection tools are no longer sufficient in view of the acute threat situation today. Early attack detection is therefore an important additional security layer and a very useful supplement to the established security measures. I was particularly impressed by the way ACD works, but also by the fact that the 'Managed Detection and Response Service' can be flexibly integrated into our network topology. From our point of view, a great added value is that Allgeier secion's SOC team filters the alerts. This prevents a flood of alerts and the resulting alert fatigue. With ACD, we have bought ourselves a good piece of security and an additional pair of eyes to have our networks monitored around the clock - externally and conscientiously."