Managed Security Services
Empowering your business with comprehensive managed security services for continuous protection.
Building and maintaining effective security operations in-house is expensive, complex, and increasingly difficult as the threat landscape evolves. Managed Security Services give organisations access to certified expertise, proven processes, and continuous protection — without the overhead of building it all internally.
One Step Beyond delivers Managed Security Services focused on the Microsoft cloud ecosystem — providing continuous monitoring, threat detection, and incident response capabilities that are natively integrated with your Microsoft 365 and Azure environment. As a Microsoft Solutions Partner for Modern Work & Security, we implement and manage Microsoft Sentinel, Microsoft Defender XDR, and Microsoft security controls on your behalf.
Through our Swiss Expert Group partnership, our clients also have access to a broader MSS portfolio operated by e-Xpert Solutions and eb-Qual — including the At-Defense managed SOC (ISO 27001, ISAE 3000), MSS WAF, PurpleScan vulnerability management, Security Control Audit (BAS/Picus), MSS PAM (CyberArk), and penetration testing. This gives One Step Beyond clients a single point of access to a complete, certified managed security service portfolio — spanning Microsoft cloud operations and the full cybersecurity stack.
Our Managed Security Services :
Microsoft Sentinel — Managed SIEM & SOAR
Microsoft Sentinel is the cloud-native SIEM and SOAR platform at the centre of Microsoft cloud security operations. Our engineers deploy, configure, and continuously manage Sentinel environments for our clients — handling data connector management, detection rule tuning, automated playbook maintenance, and compliance reporting — so that your team benefits from enterprise-grade security monitoring without the operational burden of running it in-house.
Managed Sentinel includes monthly threat detection reviews, detection rule updates aligned with the latest Microsoft threat intelligence, incident triage support, and compliance workbooks for FINMA, nLPD, and ISO 27001 audit purposes. For organisations requiring 24/7 managed detection and response on top of Sentinel, we connect your Sentinel environment to the At-Defense SOC — operated by our Swiss Expert Group partner e-Xpert Solutions.
Microsoft Defender XDR — Managed Threat Detection
Microsoft Defender XDR unifies threat detection across endpoint, identity, email, and cloud applications — but extracting its full value requires continuous configuration management, alert triage, and response playbook execution. Our engineers manage Microsoft Defender XDR for our clients — maintaining detection policies across Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud Apps, tuning alert thresholds to reduce noise, and responding to high-priority incidents within defined SLAs.
Managed Defender XDR includes monthly security posture reviews, detection coverage assessments mapped to MITRE ATT&CK, and incident response support — giving your organisation enterprise-grade XDR operations without a dedicated security operations team.
At-Defense — Managed SOC 24/7 (via e-Xpert Solutions.)
For organisations requiring 24/7 managed threat monitoring and incident response, One Step Beyond provides access to At-Defense — the managed SOC operated by our Swiss Expert Group partner e-Xpert Solutions.
At-Defense is a 100% Swiss managed SOC, certified ISO 27001 since 2021 and covered by an ISAE 3000 assurance report issued by a Big4 firm. Its analysts hold certifications including GCFA, GCIH, GCFR, GEIR, OSCP, and OSCE, and operate 24/7 with incident response included at a flat-rate, predictable cost. The service deploys in as little as two days, integrates natively with Microsoft Defender and Microsoft Sentinel, and has recorded zero breaches among SOC clients since 2018 — with less than 3% of alerts escalated to client teams.
As a Swiss Expert Group partner, One Step Beyond clients can access At-Defense directly through our team — combining our Microsoft cloud implementation expertise with the At-Defense SOC’s operational monitoring capabilities for a fully integrated managed security service.
MSS WAF — Managed Web Application & API Protection (via e-Xpert Solutions)
Protecting web applications and APIs requires specialised expertise and continuous management — tuning WAF rules, managing false positives, and responding to emerging attack patterns. Through our Swiss Expert Group partnership, One Step Beyond clients can access the MSS WAF service operated by e-Xpert Solutions — a fully managed WAAP service powered by F5 (as a certified F5 MSP) providing WAF, Bot Defense, API Security, and DDoS Protection with 24/7 SOC backing.
This service is particularly relevant for One Step Beyond clients who have deployed Azure API Management or Azure Application Gateway and require additional WAF management capabilities beyond the native Azure WAF.
PurpleScan — Managed Vulnerability Management (via e-Xpert Solutions)
Vulnerability management is a continuous operational requirement — but running it in-house requires dedicated scanning infrastructure, expert analyst review, and a structured prioritisation and remediation process. Through our Swiss Expert Group partnership, One Step Beyond clients can access PurpleScan — the expert-guided vulnerability management service operated by e-Xpert Solutions.
PurpleScan reduces the exploitation window from the industry average of over 30 days to under 8 days, using automated weekly scans combined with SOC analyst review and prioritisation. For One Step Beyond clients running Microsoft cloud environments, PurpleScan’s Splunk SIEM environment complements Microsoft Sentinel — providing vulnerability management telemetry that feeds into the broader security operations picture.
MSS PAM — Managed CyberArk PAM (via Swiss Expert Group)
CyberArk Privileged Access Management environments require ongoing maintenance, patching, and operational management to remain secure and aligned with evolving requirements. Through our Swiss Expert Group partnership, One Step Beyond clients can access the MSS PAM service operated by eb-Qual — providing managed CyberArk operations with a defined SLA: Severity 1 incidents receive a 24/7 response in under one hour and a resolution target of under four hours.
MSS PAM complements One Step Beyond’s Microsoft Entra ID PIM implementation — providing managed PAM for server and application privileged access through CyberArk, while Entra ID PIM governs Microsoft cloud administrative access.
Why One Step Beyond for Managed Security Services?
One Step Beyond brings a unique combination to Managed Security Services: certified Microsoft cloud expertise — implementation and management of Microsoft Sentinel, Defender XDR, and the full Microsoft security stack — combined with access to the broader Swiss Expert Group MSS portfolio for services beyond Microsoft.
This means our clients benefit from a single, trusted partner that can manage their Microsoft cloud security operations directly, and provide access to the group’s certified managed services — At-Defense SOC, MSS WAF, PurpleScan, MSS PAM, and Security Control Audit — as needed, without managing multiple vendor relationships.
All Swiss Expert Group MSS are operated by certified Swiss-based teams: e-Xpert Solutions (Geneva, Lausanne) for At-Defense SOC, MSS WAF, PurpleScan, SCA, and pentest; eb-Qual (Givisiez, Kloten) for MSS PAM and audit services. All data and operations remain in Switzerland.
We operate from our office in Gland (Vaud), serving organisations across French-speaking Switzerland and beyond.
Technologies We Work With :
One Step Beyond’s managed security services are built on the Microsoft security platform:

Through Swiss Expert Group, our clients also have access to managed services built on the following platforms — operated by our certified SEG partners e-Xpert Solutions and eb-Qual:








Ready to Explore Managed Security Services?
Whether you need managed Microsoft Sentinel, 24/7 SOC monitoring through At-Defense, managed vulnerability management, or a managed PAM service, One Step Beyond is your single point of access to a complete, certified managed security portfolio. Contact us to discuss your requirements.
Frequently Asked Questions – Managed Security Services in Switzerland
Q : What is a Managed Security Service (MSS)?
A Managed Security Service (MSS) is a security function delivered by an external provider on an ongoing basis — typically covering monitoring, threat detection, incident response, or the management of specific security technologies. MSS allows organisations to access certified expertise and continuous protection without the cost and complexity of building and staffing the capability internally. One Step Beyond delivers MSS across two layers: direct management of Microsoft security services (Sentinel, Defender XDR), and access to the broader Swiss Expert Group MSS portfolio (At-Defense SOC, MSS WAF, PurpleScan, MSS PAM, Security Control Audit) for clients requiring capabilities beyond Microsoft.
Q : What is the At-Defense SOC and how do One Step Beyond clients access it?
At-Defense is a 100% Swiss managed Security Operations Center operated by e-Xpert Solutions — One Step Beyond’s partner within Swiss Expert Group. It is certified ISO 27001 since 2021, covered by an ISAE 3000 assurance report, and has recorded zero breaches among clients since 2018. It operates 24/7 with incident response included at a flat-rate cost, deploys in two days, and integrates natively with Microsoft Defender and Microsoft Sentinel. One Step Beyond clients access At-Defense through our team — we handle the Microsoft Sentinel and Defender implementation, and connect your environment to At-Defense for 24/7 managed monitoring and response.
Q : What is PurpleScan and why is it relevant for Microsoft cloud environments?
PurpleScan is a managed vulnerability management service operated by e-Xpert Solutions that reduces the exploitation window from the industry average of over 30 days to under 8 days — through weekly automated scans combined with SOC analyst prioritisation. For One Step Beyond clients, PurpleScan is particularly relevant as a complement to Microsoft Defender Vulnerability Management — providing independent vulnerability assessment that validates Defender findings and extends coverage to non-Microsoft assets. PurpleScan findings can be integrated with Microsoft Sentinel for unified visibility.
Q : How does MSS PAM complement Microsoft Entra ID PIM?
Microsoft Entra ID Privileged Identity Management (PIM) governs just-in-time access for Microsoft cloud administrative roles — Azure subscriptions, Microsoft 365, and Entra ID. MSS PAM, operated by eb-Qual, manages CyberArk for privileged access to servers, databases, network devices, and applications — the on-premises and hybrid infrastructure layer that Entra ID PIM does not cover. Together, they provide complete privileged access governance: Entra ID PIM for Microsoft cloud roles, CyberArk MSS PAM for infrastructure and application privileged access. One Step Beyond implements the Entra ID PIM layer and coordinates the MSS PAM engagement with eb-Qual for clients requiring both.
Q : How do Swiss Expert Group managed services ensure Swiss data residency?
All Swiss Expert Group managed security services are operated entirely from Switzerland. At-Defense — operated by e-Xpert Solutions — is a 100% Swiss SOC: all monitoring, data processing, and incident response operations remain in Switzerland, ensuring compliance with Swiss nLPD data residency requirements and FINMA expectations for regulated financial institutions. MSS PAM operated by eb-Qual and all associated data remain in Switzerland. One Step Beyond’s Microsoft-based managed services use Microsoft Azure Switzerland (Switzerland North — Zurich, Switzerland West — Geneva) data centres for data residency.
Q : Where is One Step Beyond based?
One Step Beyond is headquartered in Gland (Vaud) — Route de Cité-Ouest 2, 1196 Gland, telephone +41 22 995 96 12. The company also operates an office in Budapest (Hungary). As part of Swiss Expert Group, One Step Beyond collaborates with e-Xpert Solutions (Geneva, Lausanne) — which operates the At-Defense SOC, MSS WAF, PurpleScan, and Security Control Audit — and eb-Qual (Givisiez, Kloten) — which operates MSS PAM and audit services.