Sovereignty instead of dependency: We implement powerful open-source SOCs that are NIS2-compliant and provide full control over your security data on your on-premises infrastructure.
In an era where regulatory requirements are significantly increasing through the NIS2 Directive, the demand for digital sovereignty is becoming a strategic priority for many organizations and public authorities. An open-source-based SOC enables you to build an independent security infrastructure that is not constrained by proprietary vendor lock-in or high licensing costs. By focusing on on-premises solutions, you retain full control over sensitive data and log information on your own infrastructure – an essential requirement for organizations facing strict data protection and compliance obligations.
Our expert advisory services support you in identifying, selecting, and seamlessly integrating the most suitable open-source technologies. At the core of such an implementation is the combination of powerful SIEM analytics (Security Information and Event Management), automated SOAR workflows (Security Orchestration, Automation and Response), and advanced network detection and analysis capabilities. However, technology alone is not enough. To ensure a comprehensive security posture, vulnerability management and incident response (IR) processes must be tightly integrated into the overall security ecosystem. We help organizations combine these components into a coherent, efficient, and sustainable SOC architecture.
Another key pillar is Cyber Threat Intelligence (CTI), which enables organizations to identify and anticipate threats before they reach their networks. By integrating IP Address Management (IPAM) solutions such as NetBox, you also gain comprehensive visibility and control over your assets and infrastructure. The result is a transparent, scalable, and cost-efficient SOC that not only supports regulatory compliance but also provides the technical freedom to manage and evolve your cybersecurity strategy independently – without reliance on external cloud providers.
Benefits
Our open-source SOC solutions are designed to deliver full control, regulatory compliance, and operational efficiency while maximizing security and independence.
- Rapid Incident Response: Automated playbooks and dedicated incident response tools minimize downtime and accelerate remediation.
- Maximum Digital Sovereignty: Full control over your data and infrastructure without reliance on external providers.
- NIS2 Compliance: Expert guidance on regulatory requirements and practical implementation strategies.
- Cost Optimization: Reduce licensing costs through the use of enterprise-grade open-source solutions.
- On-Premises Hosting: Protect sensitive data through local storage and processing within your own environment.
- Vendor Independence: Avoid lock-in to a single vendor and maintain maximum flexibility for future expansion.
- Transparency & Auditability: Open-source code provides deep visibility into system functionality and security.
- Integrated Asset Management: Centralized visibility of all network assets through IPAM/CMDB integration.
Technology Division & Components
- SIEM: Wazuh, OpenSearch
- SOAR: n8n, Shuffle
- EDR / XDR: Wazuh
- Network Detection: Suricata, Zeek
- Cyber Threat Intelligence: MISP, Yeti, IntelOwl, CyberBro, Honeybot
- IPAM/CMDB: NetBox
- Incident Response: DFIR-IRIS
- Vulnerabilities: OpenVAS, Wazuh, DefectDojo
- Additional tools: Checkmk, LibreNMS, Zammad, Guacamole
Our SOC Expert:
Your contact person: Alexander Szönyi, aszoenyi@sba-research.org
Photo credit: Niklas Schnaubelt
