secunet monitor KRITIS

Attack detection system for KRITIS companies

Detecting cyberattacks reliably and reporting them to the BSI in an optimized way
secunet monitor KRITIS is the passive and non-reactive monitoring solution for signature- and pattern-based attack detection in accordance with current and future regulations.

Compliant with regulatory requirements  

secunet monitor KRITIS is aimed at KRITIS companies and takes into account the requirements of the BSI's guidance: signature- and pattern-based attack detection. In practice, in addition to pure attack detection, the system also compiles the data required for the transmission of reportable events to the BSI - and optimizes it for an audit.

secunet monitor KRITIS focuses on legislation, can be used passively and without retroactive effect, is easy to operate - and is therefore probably the most comprehensive solution on the market for IT and OT infrastructures.

Seamless SIEM integration

secunet monitor KRITIS implements the IDS functions for attack detection in networks. It offers an optional collection point for log data, which aggregates, correlates and evaluates it.

Have you already implemented a SIEM system? Then secunet monitor KRITIS forwards the log data and events to the existing SIEM via a standard interface (syslog).

Without a SIEM system, you can use signature- and pattern-based attack detection as a lightweight solution to meet legal requirements. This enables the storage and processing of log and logging data without the resource-intensive acquisition.

Requirements for attack detection systems in accordance with IT-SiG 2.0 and guidance


Paragraph 8a of the BSI Act (BSIG) obliges operators of critical infrastructures and companies in the special public interest to use systems for attack detection since May 1, 2023.


Logging. Detection. Response. Attack detection systems must continuously detect security-relevant events by analyzing logged data and react appropriately.


To support companies in implementing new legal requirements, the BSI published "Guidance on the use of attack detection systems" in September 2022.

Product features


The system stands out due to its passive and non-reactive functionality in IT & OT and offers functionalities such as: global whitelisting, real-time monitoring, installation capability in airgapped environments and log data sink with evaluation option.


The system provides a management report for a transparent overview of important KPIs. The clear change log ensures secure documentation. secunet monitor KRITIS is optimized for MSS/SOCs and for self-administration.


The system supports the reporting of security incidents to the BSI as well as audits and also integrates external signatures such as the BSI MISP feed. secunet monitor KRITIS takes into account both current and future regulatory requirements.

Related products and consulting services
secunet monitor KRITIS is just one component of the comprehensive portfolio
Contact request
Do you have any further questions about secunet monitor KRITIS?
Do you have any further questions about secunet monitor KRITIS?

Send us an inquiry via the contact form. We are looking forward to help you.

Produkt Manager
secunet Security Networks AG

Teamlead Customer Project Management
secunet Security Networks AG
Seite 1