MANAGED SERVICE

Managed SIEM — Wazuh as a Service from Germany

Fully managed SIEM without an in-house security team

Running a SIEM costs staff, knowledge, and time. Vyrex provides Wazuh as a managed service — setup, tuning, 24/7 monitoring, incident triage, reports. You get the visibility of an enterprise SOC without its costs.

FOR WHOM?

Who benefits specifically?

Mid-market without SOC

You want enterprise SOC visibility without hiring five full-time analysts.

IT service providers

You already offer your clients IT support and now need SIEM depth — as a white-label service.

Under compliance pressure

NIS-2, ISO 27001, TISAX — all require central logging and SIEM evaluation. We deliver the evidence.

HOW WE WORK

Structured 4-step process.

01

Asset inventory

We catalog all endpoints, servers, network devices, and cloud workloads that should feed into the SIEM.

02

Agent rollout

Vyrex Node is rolled out via bundle packages — Windows, Linux, macOS. One command per agent, automatic group assignment.

03

Use-case tuning

We enable industry-specific detection rules and tune the system to your IT landscape. We continuously reduce false positives.

04

24/7 SOC + reports

Critical alerts are triaged within 30 minutes; monthly reports are delivered automatically in the dashboard and via email.

WHAT YOU GET

Concrete deliverables.

  • Wazuh manager in German data centers
  • Vyrex Node agents on all systems
  • Industry-specific detection rules
  • 24/7 triage of critical alerts (P1/P2)
  • Auto-fix pipeline with approval workflow
  • Monthly compliance reports
  • Quarterly tuning sessions
  • Fixed onboarding team with a German speaker

USE CASES

What a SIEM really detects.

A well-operated SIEM delivers more than firewall logs. We correlate events across sources and detect attack patterns that individual tools miss.
  • Privilege escalation and lateral movement (most common ransomware precursor)
  • Anomalous logins outside business hours
  • Unknown processes on privileged hosts
  • Suspicious outbound traffic (data exfiltration)
  • Vulnerability detection and patch gaps
  • Successful brute-force attempts against RDP/SSH
  • Endpoint tampering (antivirus disabled, etc.)

FAQ

Frequently asked.

Why Wazuh and not Splunk or Elastic?

Wazuh is open source, doesn't charge license fees per GB, and includes mature endpoint detection. Splunk scales to millions in license costs; Elastic requires significantly more in-house engineering. Wazuh provides 80% of the functionality at 10% of the license costs.

Where are my logs stored?

Exclusively in Hetzner data centers in Germany — Falkenstein and Nuremberg. With OpenSearch document-level security, each customer is isolated in their own index. Cross-tenant access is technically excluded.

How quickly does Vyrex respond to a critical alert?

Critical alerts (P1) are triaged within 30 minutes, 24/7. In the case of an actual incident, our SOC contacts the agreed emergency contact and initiates containment measures via the auto-fix pipeline.

What does managed SIEM cost at Vyrex?

From €299 monthly in the Basis package up to €4,500 monthly in the Transformation package for mid-sized companies with 200+ endpoints. Exact prices are calculated individually based on the asset list.

Can I cancel the SIEM after 6 months?

Yes. All Vyrex contracts are cancelable monthly. At contract end, we export all logs and configurations so you don't get stuck in vendor lock-in.

NEXT STEP

Start Managed SIEM with Vyrex.

Free security check with first action plan within two business days — non-binding and without sales pressure.