The Challenge

Small Team, Big Security Gaps

Golf Club St. Leon-Rot is one of the most well-known golf clubs in Germany. For Johannes Hofmann, the club’s IT Manager, managing IT security was only one part of a much broader role. Hofmann’s team, consisting of just three people, believed they had a good handle on their environment – until they tried XM Cyber.

“I always thought that because our environment is small, I knew everything that was going on. Then we used XM Cyber, and it uncovered issues that weren’t even on my radar. They were obvious once I saw them, but I had no idea before,” said Hofmann.

This was a true eye-opener and propelled them to challenge their previously held ideas about their security posture. The club realized they needed better visibility and a structured approach to address critical risks – especially around Active Directory, which XM Cyber revealed was poorly protected.

The Solution

Structured Rollout with Ongoing Support

The decision to adopt XM Cyber came through a recommendation, and it quickly proved its value. “We weren’t particularly looking for a solution,” Hofmann recalled. “Like many teams, we felt our existing vulnerability management and penetration testing were sufficient.” However, a fellow CISO insisted we check it out, highlighting how its lateral movement simulation could uncover blind spots our traditional tools were missing. “He saw that it’s a very good product and it could help us a lot, so then we gave it a try.” That initial trial immediately uncovered critical, unpatched attack paths that would have been impossible to find through siloed scans, quickly turning a casual recommendation into a core part of our security strategy.

XM Cyber’s customer success team provided hands-on guidance throughout the deployment. “The deployment was very good. We had lots of help from XM Cyber with our customer success manager,” Hofmann said. “We made a step-by-step plan, rolled out the XM Cyber collectors, and tackled each task in order. Everything worked smoothly, and we’re still following that roadmap.”

Benefits and Outcomes

Greater Confidence and Measurable Progress

XM Cyber delivered immediate results for the club:

✅ Critical visibility – “It was surprising to see that if we were breached, the whole environment would be at risk because our Active Directory wasn’t well protected. That was the biggest eye-opener for me.”

✅ Quick security wins – “We implemented quick fixes that were easy to apply and immediately made us feel more secure.”

✅ A clear path forward – “Now we’re focusing on longer-term processes. Active Directory tiering is our biggest priority to establish a solid security baseline.”

✅ Peace of mind – “The biggest benefit is confidence. I can sleep better knowing the problems are no longer hidden.”

Recommendation and Future Outlook

A Solution Worth Sharing

Hofmann has become a strong and vocal advocate for XM Cyber within his professional network.

“Of course I recommend it to other colleagues and also share it with other companies in our environment,” he says. “I see it as a game changer for IT security, and I am very convinced of XM Cyber as a solution.” This enthusiasm stems from the visibility and actionable data the platform provides, fundamentally changing how his team prioritizes risk.

Looking ahead, the club plans to continue integrating XM Cyber deeper into their security operations to continuously improve their defenses and strengthen their cyber resilience processes over time. The goal is to move beyond periodic checks to always-on attack path management, ensuring their protection evolves as quickly as their environment changes.