Sales Consulting:

SOC as a Service

Put a stop to cybercrime ‒ with an efficient 24/7 security operations center


Why do organizations need an SOC?

Our security operations center uses state-of-the-art technology to analyze your IT environment according to your protection needs, providing visibility and identifying dependencies that may indicate targeted attacks such as ransomware or malware. Based on this analysis, you can better assess the threat landscape in your infrastructure and cloud, and take appropriate countermeasures. In addition, a SOC as a Service can help you achieve your digitalization goals and meet compliance requirements.

plusserver IT-Sicherheit Icon

Transparency and protection

Our analysts monitor conspicuous behavior such as changes in data, processes or network connections.

plusserver Icon Security

Secure digitalization

Digital business processes depend on IT security. Let us help you build a sustainable security strategy.

Schnelle und flexible Umsetzung​

Fast and flexible implementation

Full IT security without your own specialist staff. Incl. onboarding, SIEM operations, managed services and 24/7 analysis.

Attraktive Konditionen​

Attractive terms

Use our service model (Opex) instead of investing in your own infrastructure, software (SIEM) and personnel.

plusserver Icon 24/7 Support

24x7 monitoring

24/7/365 monitoring of your IT environment and security solutions (incl. EDR)

Compliance und Datenschutz​

Compliance and data privacy

Meet challenges such as SiG 2.0 or insurance services with a SOC hosted in Germany.


SIEM platform

For SIEM, we rely on IBM QRadar. Security-relevant data is processed in our own cloud in Germany.


Our SOC use cases are built on MITRE’s state-of-the-art cyber threat detection standard.

Custom onboarding

Our onboarding service (one-time cost) makes it easy to get started with SOCaaS.

Use cases

Meet all criteria

In order to be insured against cyberattacks, comprehensive protection must be in place. A state-of-the-art security system is a prerequisite for this. A SOC to protect the infrastructure or cloud is a helpful element. Modern cybersecurity insurance companies verify proof of such security strategies with corresponding components as part of the sales process.

SOCaaS Anwendungsfall Versicherungen
SOCaaS Anwendungsfall Compliance

Protection from penalties

When data incidents occur, organizations must prove that they had adequate protection in place at the time of the incident. If they succeed in doing so, they may be able to avoid penalties. These are, for example, four percent of the global annual turnover of the previous fiscal year or up to 20 million euros for GDPR violations. Another directive that can be met with a SOC as a service is the IT Security Act (SiG) 2.0 for Critical Infrastructures (KRITIS).

SOC pricing

We would be happy to provide you with a free and no-obligation consultation on SOC as a service and to show you just how much money you could be saving. All prices quoted are net plus applicable taxes and duties. Prices are subject to change.

Compare our price to in-house operation

Third-Party Network Security
from 530,00 €/month
Third-Party EDR
ab 495,00 €/month

SOC as a Service

from 3,900 €/month

Onboarding (optional)

from 7,800 €

Some of our satisfied customers

Protect your endpoints

EDR as a service offers immediate protection against cybercrime. Discover our ESET-based solution now at attractive conditions.

Our partnership with IBM

To deliver a state-of-the-art solution within the Security Operations Center, we are partnering with the repeat leader in SIEM software in the Gartner Magic Quadrant. IBM is a global leader in hybrid cloud, AI solutions and business services. They help clients in more than 175 countries gain insights from their data, improve business processes, reduce costs and gain a competitive advantage in their industries.

IBM plusserver' Technologiepartner


plusserver takes over the complete management of all services required for our SOC as a Service offering. In addition to the managed service (rules and change management), this includes an English and German speaking SOC analyst team and services such as:

  • Provision of the SIEM platform and log collectors (IBM QRadar)
  • Connection of defined IT systems (e.g. EDR platform, firewalls)
  • Automated correlation of events
  • 1st and 2nd level analysis of security events
  • Customer support in case of threats (according to e.g. run & playbook)
  • Maintenance, high availability and optimization of the SIEM platform
  • Reporting

For our Managed SOC, we rely on the industry standard IBM QRadar for SIEM. The security-relevant data is processed in our own data-sovereign and BSI-C5-tested cloud infrastructure (pluscloud VMware).

  • Platform provider: IBM QRadar (listed as Leader in the Gartner Magic Quadrant for SIEM for the 13th time in a row)
  • Sensor technology: security solutions as well as log collectors – also at your site (virtual appliance)
  • Data sources: EDR, Windows, Linux, firewall, flow collectors
  • Data source connections: based on IBM standard;
  • individual use cases on request

Our SOC use cases are developed on MITRE’s state-of-the-art standard for cyber threat detection.

  • The phases of the attack can be correctly identified at any time (cyber killchain).
  • SOC use case database for e.g. EDR solutions or domain controllers is continuously optimized and extended
  • Detection of zero-day vulnerabilities (as a complement to EDR and vulnerability management solutions)
  • SOC analysis and reporting on this basis

Yes, our security services go beyond just providing and operating the infrastructure. We can also help you with your overall security strategy and offer security consulting and services.

Consulting: Whether you want to optimize your security infrastructure, implement a new solution, or just need general advice, we are here to help. Our experts can help you make the right decisions quickly and continuously improve your security architecture.

Onboarding: With the SOC as a Service product, you receive comprehensive and customized onboarding to connect standardized interfaces (sensors/security solutions), activate best practice use cases based on the MITRE ATT&CK, and configure your environment sustainably for the highest level of protection.

Service, support & analysts: Our dedicated 24/7 service and support team, as well as our team of analysts, provide you with personalized, expert assistance in resolving operational issues or analyzing security threats.

As part of our SOC service, we conduct a standardized onboarding* to help you successfully and sustainably implement SOC as a service without your own security experts.
  • Kick-off meeting
  • Inventory and goal definition
  • Customized onboarding plan
  • Connecting log sources (standardized sources)
  • Development of rules and regulations according to current best practice
  • Fine-tuning of security solutions (e. g. EDR-events)
  • Use cases based on the MITRE ATT&CK framework
  • Fine-tuning of the ruleset
  • Run & play book definitions
  • Documentation

Standard onboarding from 7,800 €, additional costs may apply for individual use cases (hourly rate 165 €, daily rate 1,320 €).

Rely on cloud security "Made in Germany"

Trust in the highest security in our certified data centers in Germany. As a founding member of Gaia-X, a VMware Sovereign Cloud Provider and a provider with BSI C5 testing, we offer you future-proof computing platforms that focus on your sovereignty and innovation.

Any questions?

Just drop me a message and I will get back to you quickly.

Daniel Graßer

Daniel Graßer

Senior Director of Security Services

Learn more

The most important facts about the EU security directive at a glance.
Secure applications and workloads from code to (multi-)cloud.
Find and fix vulnerabilities in your IT systems.

11.06.24 | KÖLN

Cloud Security PLUS Expertise

Sichern Sie sich jetzt einen der begehrten Plätze und lernen Sie Best Practices von unseren Security-Experten. Inkl. Datacenter-Tour!