Frequently Asked Questions

MDR (Managed Detection and Response) hands the detection + response responsibility to InfinitumIT; our analyst team stops threats on your behalf. SOC is focused on monitoring and analysis — the decision is typically made by the customer organization. MDR fits enterprises with small security teams, while SOC fits mature security organizations.

Black-box best simulates a real attacker perspective but takes time. Grey-box covers more efficiently with partial knowledge. White-box, with source code and architecture access, provides maximum coverage. We typically recommend grey-box for annual mandatory testing and white-box for in-depth security audits.

Our first-response SLA on active incident calls is 15 minutes; remote triage starts within 1 hour, on-site response (if needed) within 4 hours. You can reach us via the Under Attack form.

No. A penetration test is a scope-bounded vulnerability discovery service. Red Team is a multi-layered operation that simulates a real-world adversary scenario end-to-end, including physical and social engineering. Red Team output typically measures the detection capability of the SOC and IR teams.

We are an independent service provider and integrate with the customer's existing infrastructure. On the SIEM side: IBM QRadar and FortiSIEM. On EDR/XDR: CrowdStrike, SentinelOne, Trend Micro Vision One, Microsoft Defender, Palo Alto Cortex XDR. On NDR: Vectra AI and FortiNDR. Full list: Products.

No. Our SOC and MDR operations centers are in Turkey; your log and telemetry data is processed and stored in-country. Cloud-based integrations use KVKK-compliant region selection.

Yes. We hold active ISO 27001, ISO 27701, ISO 9001, ISO 20000, CREST (Council of Registered Ethical Security Testers), and TSE Service Eligibility (Level A) certifications. See the full list on the Certifications page.

Yes. Our reports comply with OWASP, OSSTMM, NIST SP 800-115 methodologies; findings are scored with CVSS 3.1. Executive summary (TR/EN), technical detail, and remediation recommendations are part of our standard structure. We provide a free retest within 30 days of the report.

Initial discovery + scope definition is typically completed within 2-3 business days; the proposal is delivered within the following 5 business days. We respond same-day for urgent cases.

One-off services (penetration test, IR) are project-based. MDR/SOC minimum contract is 12 months; the first 30 days are transition and baseline.

You can fill out the contact form, call +90 850 800 14 83, or write to [email protected].