Managed EDR
Endpoint Detection & Response

Managed EDR
Endpoint Detection & Response

Organizations are facing ever-increasing challenges when it comes to securing endpoints: short device lifecycles, constant software updates, growing data volumes and employees who want more flexibility, connectivity and mobility.

Microsoft Defender for Endpoint

combined with terreActive's Managed EDR services provides your organization with protection against threats and gives you peace of mind to face the challenges mentioned above.

The advantages

  • Visibility: Detect threats and vulnerabilities
  • Real-time: Immediate response to attacks around the clock by terreActive's Incident Response Team
  • Tuning: Continuous monitoring of whether all security solutions have been implemented correctly, are working properly and are up-to-date
  • Minimize complexity and cost of IT management through EDR services and automation
  • Gain time to focus on strategic tasks

Why EDR?

  • EDR protects where most attacks happen, directly on the client.
  • EDR allows a fast rollout and can be extended with additional solutions (e.g. SIEM) at any time.
  • EDR offers detect & respond in one.
  • Managed EDR conserves your own resources and gives you access to our SOC expertise.

More security by combining detection, service and automation

The EDR solution allows you to build a comprehensive cyberattack detection capability in a matter of weeks, providing SOC specialists with all the information they need to successfully combat attacks. Automation allows to react in seconds instead of hours and helps to stop attacks immediately!

Modular Service Catalog

Deployment options of Defender for Endpoint

modularer Servicekatalog

Quickly up and running: Offload your internal IT with managed EDR services.

In addition to threat detection, Microsoft Defender for Endpoint offers options for orchestrating and automating workflows. In combination with terreActive's Managed EDR Services, you can achieve the greatest possible relief for your internal IT from boring routine tasks. From our modular service kit, these services are available to you, among others:

Threat Detection:

Our security analysts take over the classification of various security incidents or the correlation of EDR alerts with other log sources. Daily monitoring of the customer infrastructure is a must here.

Service Tuning:

Here our focus is on reducing false alarms within the customer's system. We sharpen Defender's detection mechanisms by classifying alarms, resulting in fewer alarms being generated in the long term. Our tuning continuously increases your security.

Incident Response:

Defender for Endpoint already comes with Auto Investigation and Remediation. Our SOC team will recommend tasks that can be automated and select the level of automation that is right for you. Tasks that cannot be automated are handled by security engineers from terreActive's Incident Response Center.

Vulnerability Management:

Vulnerability detection is an important area of Microsoft Defender for Endpoint. Our security analysts prioritize based on severity, number and importance of affected devices and initiate appropriate measures. Our Vulnerability Reporting provides timely warning of vulnerabilities and in-depth reports support the development of your systems.

Microsoft Defender for Endpoint at a glance

MS Defender for Endpoint combines various technologies from the Windows 10 operating system and the MS Cloud:

  • Endpoint behavioral sensors
  • Cloud security analytics
  • Threat Intelligence

In your private cloud instance of Defender, behavioral signals are collected, analyzed, and then translated into threat insights, detections, and recommended responses.

Threat intelligence feeds generated by Microsoft and supplemented by partners enable Defender for Endpoint to identify attacker tools and techniques and send alerts.

Microsoft EDR


Broad EDR coverage

terreActive provides managed services not only for or with Microsoft Defender for Endpoint. The practical knowledge gained from other EDR solutions, e.g. Cybereason, also flows into the daily work of our SOC team and benefits all customers across all products.

You already have an EDR?

You have already installed an EDR, but you lack the resources to handle the detected incidents and clarify them in detail? We close this gap and support you selectively with our analysts. This is what we bring to the table:

  • 25 years of SOC experience
  • Cyber security engineers and analysts in Aarau and Zurich
  • Well-rehearsed processes for combating attacks
  • Partnerships with leading EDR vendors, including Cybereason and Microsoft

Microsoft Silver Partner Security