UnderDefense MDR: how a German healthcare leader defeated a wave of cyberattacks


A leading German healthcare organization was facing thousands of cyberattacks every week—without the ability to quickly expand its internal IT team. Rather than risking patient data security, the organization adopted the MDR model. Within just a few months, it stopped real incidents, restored control over thousands of alerts, and enabled specialists to focus on what truly matters.

The Client

The client is the largest and oldest healthcare organization in Germany, encompassing more than 100 different centers, institutes, and departments. It provides a wide range of medical services supported by modern equipment and highly qualified staff. The institution is consistently ranked among the top hospitals in Germany and worldwide.

The Challenge

Cyberattacks on healthcare organizations are increasing at an alarming rate—averaging over 1,400 attacks per week in 2022 against hospitals and medical facilities.
Although the client had an internal IT security team of more than 100 engineers, it still faced major challenges:

  • The scale of attacks was overwhelming, with constant infections, viruses, and malware delivered via emails or application installations.

  • The team was overloaded with alerts, incidents, and after-hours duties, leading to frustration and burnout.

  • A shortage of cybersecurity specialists and budget constraints prevented hiring additional experts.

  • The deployed Endpoint Detection and Response (EDR) solution was not operating optimally due to improper tuning—generating excessive false positives and failing to leverage its full capabilities.

As a result, various types of malware could easily penetrate the infrastructure and disrupt critical business operations.

The Solution: UnderDefense

Recognizing that it was not feasible to quickly expand its internal team, the client sought an external cybersecurity expert and selected UnderDefense MDR, which provides:

  • 24/7 monitoring and a dedicated SOC (Security Operations Center) staffed with experienced engineers

  • Professional EDR tuning (Fortinet/EnSilo) to reduce false positives and automate incident detection

  • Threat monitoring and analysis across more than 20,000 endpoints

  • Support in meeting European regulatory requirements for patient data protection

During the first year of cooperation, the UnderDefense team analyzed vast volumes of data, eliminated tens of thousands of false alerts, and notified the client of numerous real attacks.


Results

  • 15 serious incidents were stopped before causing damage

  • The client gained full visibility across 25,000 endpoints and the entire IT environment

  • Over 30,000 alerts were reviewed and resolved, significantly reducing team overload

  • Alert fatigue was substantially reduced, allowing internal engineers to focus on strategic initiatives

  • Threat readiness, incident reporting, and forensic analysis were significantly improved

Impact of the partnership

  • Enhanced protection of sensitive patient data and hospital infrastructure

  • Optimized security processes and reduced IT team workload

  • 24/7 readiness for new cyber threats backed by UnderDefense’s expert support

UnderDefense

UnderDefense is a global cybersecurity company that helps organizations build resilient defenses against modern digital threats. By combining expert knowledge, innovative technologies, and in-depth risk analysis, UnderDefense delivers a full lifecycle of services—from preventive measures to 24/7 monitoring and incident response.

Schedule a demo and learn more

To schedule individual demonstrations, partner training sessions, or pilot projects, please contact the Business Development Manager at Oberig IT – Krystian Hofman.