Product Hero Security SOC

SOC & Incident Response

SOC & Incident Response

Your bolt-on team of IT security analysts

Implement enterprise-level security oversight for your business today

Get the keys to a customizable, fully staffed and experienced SOC. The A1 Group SOC team of analysts ingests all of your critical logs and data and highlights current threats in real-time – and help you to recover your systems after an incident.

Soc whitepaper mockup v2 web

Whitepaper: Security Operations Center

This whitepaper by Thomas Dorfmeister explains what needs to be taken into account when setting up and operating a SOC, what requirements companies currently have and what questions need to be clarified in advance. It also discusses best practices in the interaction between internal IT/OT security and external MSSPs in the detection and response to security incidents and attacks.

Our SOC services and solutions

Cybersec soc grafiken prevention web1


Continuous observability monitoring of your IT infrastructure to detect false-positives, prevent false-negatives and immediately respond to threats.

Cybersec soc grafiken detection und defense web1c

Detection and Defense

Real-time monitoring by our trained security analysts with comprehensive information and recommendations to patch all identified vulnerabilities.

Cybersec soc grafiken reporting web1


Analyze, evaluate, and minimize your current risks with access to your data at any level, including a personalized Risk & Security Cockpit and customized, easy-to-understand reports.

Cybersec soc grafiken 24 7 support web1

24/7 Support

Have a direct line to the A1 Security Intelligence team via our integrated messaging system.

Cybersec soc grafiken incidence response web1

Incident Response

Our security experts help to defend and mitigate attacks, and closely work together with your IT team to recover all your systems and data according to your incident response plan.

Why SOC by A1 Group?


Our SOC team is established, well-trained and experienced for years – and ready to start working for you today.


We work based on industry-standard observability platforms, as well as incident, event management and automated response systems.


Adapt our scope of services and processes individually to your business’s specific requirements and challenges.


We can rely on the resources, know-how, and infrastructure of A1 Telekom Austria Group – so can you.

How does A1 Digital Incident Response work?

A1 Digital IR Grafik 2022 v02 red

Incident Response Steps



The first step is a security check to evaluate the existing IT and OT infrastructure. The goal is an initial maturity analysis and assessment based on predefined metrics in order to identify pain points and blind spots.


Phase 1

In the event of a security incident, the first responder becomes active and begins with an initial investigation based on the A1 Threat Intelligence Platform. Log files are analysed and known IOCs are searched.


Phase 2

In this phase, software is deployed for in-depth analysis by the IR expert. By means of monitoring, threat hunting and remediation, an attempt is made to limit and solve the incident.


Phase 3

If necessary, and in close coordination with the customer, the customer's infrastructure is searched and cleansed of attackers with global resources and on the basis of Mandiant's globally leading incident response specialists.