Managing director of NIS-2-obligated entity
You need 24/7 detection but have neither staff nor facilities for it.
MANAGED SERVICE
SOC as a Service — 24/7 Security Operations for Mid-Market
German security operations center, without your own analysts
An in-house SOC costs €800,000+ per year. Vyrex SOC-as-a-Service delivers the functions of a full SOC from €1,500 monthly. You pay for the triage, not for the desk.
FOR WHOM?
Who benefits specifically?
Holder of cyber insurance
Your policy requires SOC integration. With Vyrex you fulfill the clause at a fraction of the cost.
IT manager at burnout risk
Stop waking up at night for Wazuh alerts. We handle the triage, you sleep through again.
HOW WE WORK
Structured 4-step process.
01
Onboarding
SIEM connection, emergency contacts, escalation playbooks, industry-specific use cases — everything set up in the first week.
02
24/7 monitoring
Our crew monitors all incoming alerts around the clock. Shift system with three shifts, always at least two analysts on duty.
03
Triage & escalation
Every alert is triaged in under 30 minutes. P1/P2 is escalated immediately, P3/P4 in the daily summary.
04
Incident response
In case of actual incident, we accompany you through containment, eradication, and lessons learned — via phone and on-site.
WHAT YOU GET
Concrete deliverables.
24/7 triage across three shifts
MITRE ATT&CK classification of each incident
Escalation playbooks per customer
Daily summary in dashboard
Monthly SOC report (PDF)
Quarterly tabletop exercise
Incident response support incl. initial forensic analysis
Maximum 30 min response time to P1
WHAT A REAL SOC DOES
More than a dashboard with green lights.
Many providers sell 'SOC' but mean 'SIEM dashboard with alert email'. Real SOC means humans who qualify alerts, contextualize, and only bother you when it matters.
- Alert triage by certified analysts (not AI bots)
- Cross-customer threat intelligence (attack patterns are learned)
- Playbook maintenance — use cases tuned quarterly
- Incident response, not just detection
- Initial forensic analysis in case of actual incident
- Interface to BSI and law enforcement when reporting required
- Documentation for cyber insurers and auditors
FAQ
Frequently asked.
What is the difference from managed SIEM?
Managed SIEM = we operate the tool, you react to alerts. SOC-as-a-Service = we operate the tool AND triage alerts 24/7 and escalate only what is truly critical.
Who are the SOC analysts?
Permanent employees from Germany, all with GCFA/GCIH certification or equivalent experience. No offshore subcontractors, no rotating call-center agents.
How fast is response to a P1 incident?
Triage in under 30 minutes, first phone contact in under 60 minutes, containment proposals immediately implemented on request via the auto-fix pipeline.
Are off-hours covered as well?
Yes, 24/7. Three shifts with German-speaking analysts. Nighttime response time is identical to daytime — that's the whole point of SOC-as-a-Service.
NEXT STEP
Start SOC as a Service with Vyrex.
Free security check with first action plan within two business days — non-binding and without sales pressure.