demiri.de

What It Is

Asmir Demiri is an independent senior cybersecurity consultant based in Isernhagen, Germany. The website positions his work as “vendor-neutral” IT security consulting, covering security strategy, SIEM/SOC, Zero Trust, compliance, and incident response. His profile indicates that he has worked in IT security since 2007, with security, architecture, and operations experience at organizations such as Crayon, SoftwareONE, DLR, and Computacenter.

Core Capabilities

In terms of protection model, this is not a standalone security product but a consulting and implementation-focused professional service. Key capabilities include SIEM design and implementation for Splunk and Microsoft Sentinel, SOC build-out, log management, use case development, MITRE ATT&CK mapping, as well as incident response, root cause analysis, playbooks, and crisis management. On the compliance side, it covers ISO 27001, BSI IT-Grundschutz, NIS2, KRITIS, DORA, DSGVO, and audit readiness. For Zero Trust and SASE, the site explicitly mentions Zscaler ZIA, ZPA, ZDX, ZTNA, SSE, network segmentation, and firewall design.

Pricing and Delivery

The website only states that the initial consultation is free and non-binding. It does not publish day rates, project packages, managed service pricing, or SLAs. Delivery is also not presented as a productized deployment model; it appears to be project-based work such as security assessments, architecture design, implementation support, POC/POV, training, and workshops. Before purchasing, buyers should clarify the scope of deliverables, milestones, documentation outputs, response times, and whether long-term on-site or remote support is available.

Pros and Cons

The main advantages are relatively detailed disclosure of experience and certifications, including credentials related to ISO 27001/NIS2, KRITIS, Microsoft, Splunk, Zscaler, EC-Council, and CompTIA. Its vendor-neutral positioning can also help enterprises make more objective technology choices in multi-product environments. The downsides are the lack of customer case studies, quantified results, team size information, and pricing transparency. As an individual consultant, his capacity for parallel delivery, 24/7 response, and large-scale managed operations should be verified further.

Who It’s For and Access from China

This service is better suited to mid-sized and large enterprises with defined security projects, regulated industries, organizations preparing for NIS2/KRITIS/ISO 27001 audits, and teams planning to build a SOC or implement Splunk/Sentinel or Zscaler. The site does not state anything about access from China; website connectivity, payment methods, and Chinese-language support are all unknown. If localized delivery is required, buyers may compare it with domestic Chinese security service providers such as 奇安信, 启明星辰, 绿盟科技, 安恒信息, and 深信服.