MDR – Security Monitoring

MDR: Getting a grip on threats. Peace of mind in your organization.


Managed Detection & Response

Protect your organization 24/7 from cyber threats with MDR from NFIR. We take the complex Managed Detection & Response completely off your hands, so you can focus on your core business with peace of mind. The Security Operations Center (SOC) continuously detects suspicious activity, alerts you immediately in serious incidents and helps organizations that want to become compliant with laws, regulations and standards frameworks such as NIS2, ISO27001, BIO, AVG and IBP. Choose MDR – Essentials or MDR – Advanced and strengthen your digital resilience with our advanced technology, expertise and personalized guidance.

  • 24/7 monitoring by real people

    We combine advanced AI detection and state-of-the-art technology with human expertise. Our security engineers assess every alert, filter out noise and pass on only the truly relevant threats. 24 hours a day, 7 days a week, 365 days a year.

  • Dutch-speaking MDR team

    The service is delivered by experienced Dutch-speaking security specialists who are not only technically highly skilled, but also respond quickly and explain complex matters in understandable language.

  • Fixed price and 1 year of data retention

    We charge a fixed fee for all SOC triage, analysis and data storage, with no unpleasant surprises. NFIR retains all log data for 1 year by default, because we know from our own CERT experience how important it is to store logs for a longer period.

  • Forensic expertise as the foundation

    We enrich and improve our MDR service non-stop based on our experience in Digital Forensic Investigation and Incident Response. This keeps our detection logic always up to date.

  • Scalable MDR service

    Our MDR solutions grow with your organization's security needs, so you can do business without worry today and in the future.

  • Groundbreaking technology

    The cyber security market is changing rapidly. We work with technologies such as AI, UEBA and SOAR to achieve fast detection, efficiency and optimization of the service.

What makes NFIR different?

"We say what we do. And do what it takes."
We are engineers. We test and we continuously improve. From AI-driven detection to reporting. If something can be smarter or faster, we do it.
  • No buzzwords, clear impact
  • Your data stays in the Netherlands
  • Dutch SOC
  • Fixed price per month (no hidden costs)
  • Unambiguous notifications with clear actions
  • Permanent Security Engineers and Service Managers.

Choose the detection that suits your organization

MDR - Essentials

The essential detection of threats

MDR – Essentials offers your organization the assurance of continuous monitoring against modern cyber threats. By opening up the log sources of your Identity Provider and your EDR package to our Security Operations Center, we create an essential security layer that monitors identities as well as endpoints (Servers and Clients). We monitor security alerts 24/7 and inform your organization in case of critical threats.

Who it is for

Do you recognize any of these situations? Then MDR – Essentials is perfect for your organization:

  • No grip on cyber threats: you know there are cyber threats, but you don’t have a handle on them
  • No in-house cybersecurity team: reports not followed up or not followed up enough
  • Limited cybersecurity budget: Reduce cyber risks with a small monthly investment
  • You are looking for a practical interpretation to better comply with laws, regulations and standards frameworks such as the NIS2, ISO27001, BIO, AVG and IBP.

What you get
  • 24/7 SOC detection + notifications for critical threats
  • Live and monthly reports
  • 1 x quarterly operational meeting with a regular service manager
  • Limited Threat Intelligence (general threats).
  • Linking to your ticketing system
  • Incident Response Guarantee (optional)

MDR - Advanced

The complete detection of threats

MDR – Advanced offers your organization the assurance of continuous monitoring against modern cyber threats. Linking a full set of log sources to the NFIR SIEM creates a cohesive and complete security layer that monitors not only identities and endpoints, but also the log sources of the most relevant network components.

Who it is for

Do you recognize any of these situations? Then MDR – Advanced is perfect for your organization:

  • Organizations where a Security Incident has a huge impact
  • Insufficient expertise and capacity in the IT or Cyber Security team
  • CISOs or IT Managers in need of maximum relief
  • Want better compliance with laws, regulations and standards frameworks such as NIS2, ISO27001, BIO, AVG and IBP.

What you get

In addition to the EDR & IDP, we also monitor the following log sources (if applicable): M365, AD On-premise, Firewall(s), NDR/IDS, VPN, Backup authentication events and Cloud authentication events:

    • 24/7 SOC detection + notifications for critical threats
    • Live and monthly reports
    • 1 x per month operational consultation with a regular Security Engineer and Service Manager
    • 1 x per year strategic security consultation
    • Threat Intelligence & Threat hunting
    • Linking to your ticketing system
    • Extended Response based on playbooks (optional)
    • Incident Response Guarantee (optional)

Maximum relief

We understand better than anyone that cybersecurity can be complex. That’s why we offer a service that relieves you as much as possible. We take everything off your hands so that you can rest easy about your digital security.

Our experts not only monitor your systems, but can also take proactive action in the event of an attack. With our incident response capability, we stop threats before they can do any damage.

Moreover, we are also here for organizations that are not yet mature in terms of cyber resilience. We help you step by step to a higher level of security, without overwhelming technical terms or unnecessary complexity.

  • Proactive protection

    Where possible, we stop attacks before they cause damage through proactive incident response.

  • Digital peace of mind

    We keep watch 24/7 so that you can concentrate on your core activities.

  • Growth in resilience

    We help organizations at every stage of cyber maturity to reach a higher level.

  • Regulatory compliance

    The MDR service offers a practical way to better comply with laws, regulations and standards frameworks such as NIS2, ISO27001, BIO, AVG and IBP.

Live SOC Demo

Experience for yourself how 24/7 MDR – Security Monitoring really works – on-site at the NFIR SOC. In addition to the live demo, we will have a no-obligation discussion with you about IT-OT security for your organization. If desired, you will receive a targeted quote for this MDR service.

Don’t wait any longer and let NFIR monitor your network 24/7 for digital threats.

Frequently asked questions

The live SOC Demo will take place at the SOC (Security Operations Center) in Zwolle, the Netherlands.

Security Monitoring focuses primarily on collecting and signaling security alerts. Managed Detection & Response (MDR) goes a step further: in addition to 24/7 monitoring, suspicious activities are actively investigated, analyzed and, where necessary, followed up immediately by security experts. This not only detects what is happening, but also reacts before it develops into an incident.

A SIEM (Security Information and Event Management) is a platform that centrally collects, analyzes and correlates log data from various IT systems. This allows for faster recognition of anomalies and threats. MDR services use a SIEM to detect and prioritize complex attacks.

A Security Operations Center (SOC) is a 24/7 staffed control room where security specialists continuously monitor the IT landscape. They analyze reports, investigate suspicious activity and take immediate action in the event of a threat. The SOC is the heart of an MDR service.

MDR protects your IT network by continuously monitoring log data of users, endpoints and applications, detecting anomalous behavior early and responding to it immediately. Thus, attacks such as ransomware, phishing and privilege escalation are more often stopped even before they cause damage.

Yes, NFIR can also integrate OT log sources into the MDR service. By linking these systems to the Security Operations Center, industrial environments and critical processes are monitored as thoroughly as IT networks.

AI and machine-learning analyze large amounts of data and identify patterns that indicate threats. UEBA detects anomalous behavior of users and systems, while SOAR automates processes and enables immediate response. These technologies increase detection speed and reduce the likelihood of human error.

Cyber attacks don’t stop outside business hours. Through 24/7 monitoring, suspicious activity can be detected and stopped at any time. This limits damage and makes organizations more compliant with laws and regulations such as NIS2 and ISO27001.

Extended Response automates advanced responses to threats, such as isolating an infected endpoint or blocking a suspicious user. This speeds up the response and minimizes the impact of an attack, without manual intervention.

The seven log sources (including Microsoft 365, Firewall and Active Directory) were chosen because they cover the majority of attack patterns and access paths. Combining these sources provides a good picture of user behavior, network traffic and authentication, which significantly increases the chances of early detection.

During the quarterly consultation, your Service Manager and Security Engineer discuss trends, incidents, areas for improvement and new threats. You will receive concrete recommendations to further strengthen your security and insight into the performance of the MDR service.

The reports include an overview of all detected incidents, user behavior trends, status of log sources, key risks and recommendations. This allows you to maintain constant insight into your security level and take targeted action.

Yes, MDR-Essentials can be expanded with custom Use Cases tailored to your organization, industry or specific risks. This way, detection is optimally aligned with your business processes.

In the event of a security incident, our Computer Emergency Response Team (CERT) is on site within three hours. They immediately take control of the incident, limit damage, conduct forensic investigations and advise on next steps.

Yes, all SOC triages and analyses are included in the fixed monthly fee. So you don’t pay any additional fees for investigating suspicious events.

Yes, by default NFIR retains all log data for 12 months at no additional charge. This period meets legal requirements and supports forensic investigations.

A 12-month retention period enables in-depth forensic investigations and is essential for NIS2, BIO2 and AVG compliance. This allows you to reconstruct incidents retrospectively, report to regulators and respond to long-standing threats in a timely manner.

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage. In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.