Security Vision
Introduction
In today's world, compliance is becoming an increasingly complex task. Organizations must comply with a multitude of standards, regulations, and internal policies, which requires significant resources and time. At Security Vision we are interested in making the compliance process faster. In this article, we will look at how neural networks can automatically assess the compliance of assets by analyzing their properties and the text of requirements.
1. What is Compliance?
Compliance is a company's adherence to laws, standards, and internal rules, aimed at minimizing the risk of violations and fines. It includes monitoring, employee training, and the implementation of procedures to meet regulatory requirements.
1.1. Auto Compliance
Auto Compliance is an approach to automating the assessment of whether assets (e.g. servers, applications, databases) comply with the requirements of standards, regulators or internal policies. Instead of manual analysis and verification, Auto Compliance uses neural network technologies to compare asset properties with the text of requirements and issue a compliance verdict; it also checks secure configuration practices (Technical Compliance) and company policies for compliance.
Main components of Auto Compliance:
· Assets: Servers, applications, databases, networks and other infrastructure elements.
· Asset properties: Operating systems, information security tools, etc.
· Requirements: Text descriptions of standards, regulations, or internal policies.
· AI Agent Systems: Machine learning algorithms that analyze asset properties and requirement text.
1.2 What is Technical Compliance?
Technical Compliance includes checking the security parameters of IT assets in accordance with the requirements of the FSTEC of Russia and best cybersecurity practices.
Hardening is a key step in improving an organization's security. It reduces vulnerabilities in software, hardware, networks, and infrastructure, shrinking the attack surface and cyber risk.
Application areas of hardening:
· Cloud services and databases
· Application software (workstations, servers)
· Mobile and network devices
· Information security tools
· Operating systems
Hardening levels:
1. Basic recommendations (minimizing attack surface without loss of functionality).
2. Defense-in-Depth, with the risk of failures caused by implementation errors.
3. Combined or custom standards for a specific infrastructure.
Stages of Technical Compliance:
1. Inventory of systems and networks.
2. Identifying owners of assets and critical systems.
3. Classification of assets.
4. Assigning security profiles.
5. Configuring security settings.
6. Automation of checks (for example, using Security Vision SPC).
Result: the system automatically checks compliance with requirements and generates reports (Telegram, email, etc.).
2. How is conformity assessment performed using a trained model?
The automated conformity assessment process can be divided into several stages:
2.1 Data collection
· Asset Properties: Asset data is collected automatically from various sources such as monitoring systems, inventory results, CMDB (Configuration Management Database), vulnerability scanners, etc.
· Requirements: Text requirements are loaded from standards, security policies or internal documents.
2.2. Text processing
· The text is converted into a vector (a set of numbers) through methods that encode the meaning or structure of the text into a numerical form. Preprocessing stages: tokenization (breaking into words), removal of stop words (e.g., "and", "in"), lemmatization (reduction to the initial form).
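The preprocessing pipeline described above (tokenization, stop-word removal, lemmatization, vectorization), as an added example that is not Security Vision's code. The requirement and asset texts are constructed samples, the stop-word list is a small hand-made one, and the lemmatizer is a crude suffix stripper standing in for a real one; the vectors are plain bag-of-words counts compared by cosine similarity:

```python
import math
import re
from collections import Counter

# Constructed sample texts (not from the original article).
REQUIREMENT = ("Data encryption must be configured on all servers and "
               "software updates installed regularly.")
ASSET_COMPLIANT = "Server srv-01: disk encryption enabled, automatic software updates configured."
ASSET_UNRELATED = "Server srv-02: no antivirus, firewall disabled."
ASSET_NEGATED = "Server srv-03: disk encryption not configured, software updates not installed."

# Small English stop-word list (assumption: enough for the demo).
STOP_WORDS = {"a", "an", "and", "all", "are", "be", "in", "is", "must", "of", "on", "the", "to"}


def tokenize(text: str) -> list[str]:
    """Break text into lower-case word tokens."""
    return re.findall(r"[a-z0-9]+", text.lower())


def lemmatize(token: str) -> str:
    """Crude suffix stripping standing in for a real lemmatizer (assumption)."""
    for suffix in ("ion", "ing", "ed", "ly", "s"):
        if token.endswith(suffix) and len(token) - len(suffix) >= 3:
            return token[: -len(suffix)]
    return token


def preprocess(text: str) -> list[str]:
    """Tokenize, drop stop words, lemmatize; returns the reduced term list."""
    return [lemmatize(t) for t in tokenize(text) if t not in STOP_WORDS]


def vectorize(terms: list[str], vocabulary: list[str]) -> list[int]:
    """Bag-of-words vector: one count per vocabulary term."""
    counts = Counter(terms)
    return [counts[v] for v in vocabulary]


def cosine(a: list[int], b: list[int]) -> float:
    """Cosine similarity of two count vectors (0.0 when either is empty)."""
    dot = sum(x * y for x, y in zip(a, b))
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(y * y for y in b))
    return dot / (na * nb) if na and nb else 0.0


def similarity(text_a: str, text_b: str) -> float:
    """Vectorize both texts over a shared vocabulary and compare them."""
    terms_a, terms_b = preprocess(text_a), preprocess(text_b)
    vocabulary = sorted(set(terms_a) | set(terms_b))
    return cosine(vectorize(terms_a, vocabulary), vectorize(terms_b, vocabulary))


if __name__ == "__main__":
    for label, asset in [("compliant", ASSET_COMPLIANT),
                         ("unrelated", ASSET_UNRELATED),
                         ("negated", ASSET_NEGATED)]:
        print(f"{label:10s} similarity={similarity(REQUIREMENT, asset):.3f}")
```

The unrelated asset scores low, as expected, but the negated description ("not configured", "not installed") scores even higher than the compliant one, because a bag-of-words vector ignores negation. This is why the vectorized text is only an input to the comparison stage: similarity on its own is not a compliance verdict.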
2.3. Comparison of asset properties with requirements
The neural network compares asset property values with the requirement text using the following approaches:
· Text2Text Generation — a task in NLP (Natural Language Processing), where the model takes a text input (a "questionnaire" to fill out and data about the asset) and generates a text output (returns the filled-out "questionnaire"), preserving the semantic connection with the original text.
· LLM (Large Language Model) is a standard approach using a locally deployed model. The model is fed a description of the asset and the text of the requirement, and at the output we receive a response in the required format. Small models with up to 7 billion parameters can be used.
· Matching — the approach is applicable only if the text of the requirement is first converted into a description of an "ideal asset": an asset that fully satisfies the requirement. The model of the ideal asset can then be compared with the real asset.
2.4. Report generation
The evaluation results are automatically generated into a report, which includes:
· List of assets and their compliance with requirements.
· Recommendations for eliminating discrepancies.
· Data visualization (e.g. charts and graphs).
If there are no pre-prepared report templates, then such capabilities can be provided by a system of agents based on LLM, for example, YandexGPT.
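The Matching approach from section 2.3 and the report generation from section 2.4, as one added example that is not Security Vision's code. The "ideal asset" is a constructed property set derived from the checks named in section 4 (encryption, updates, antivirus, firewall); the property names, the boolean encoding and the inventory records are assumptions. It generalizes the matching idea slightly: any ideal asset expressed as a property dictionary can be compared with real asset records, and a property that was never collected is treated as a discrepancy rather than as a pass.

```python
from collections import Counter
from dataclasses import dataclass, field

# Constructed "ideal asset" derived from the requirement texts (sample data, not from the article).
# property -> (expected value, recommendation to apply when the real value differs)
IDEAL_ASSET = {
    "disk_encryption":     (True, "Enable full-disk encryption"),
    "auto_updates":        (True, "Enable automatic software updates"),
    "antivirus_installed": (True, "Install and enable endpoint antivirus"),
    "firewall_enabled":    (True, "Enable the host firewall"),
}

# Constructed inventory records, as a CMDB export or scanner result might provide them.
ASSETS = [
    {"name": "srv-01", "disk_encryption": True, "auto_updates": True,
     "antivirus_installed": True, "firewall_enabled": True},
    {"name": "srv-02", "disk_encryption": False, "auto_updates": True,
     "antivirus_installed": True, "firewall_enabled": False},
    # firewall_enabled was never collected for this workstation
    {"name": "ws-07", "disk_encryption": True, "auto_updates": False,
     "antivirus_installed": True},
]


@dataclass
class Verdict:
    asset: str
    compliant: bool
    discrepancies: list = field(default_factory=list)   # (property, expected, actual)
    recommendations: list = field(default_factory=list)


def assess(asset: dict, ideal: dict = IDEAL_ASSET) -> Verdict:
    """Compare one real asset with the ideal asset, property by property.

    A property that was not collected (actual is None) counts as a discrepancy:
    missing evidence is never treated as compliance.
    """
    verdict = Verdict(asset=asset["name"], compliant=True)
    for prop, (expected, fix) in ideal.items():
        actual = asset.get(prop)
        if actual != expected:
            verdict.compliant = False
            verdict.discrepancies.append((prop, expected, actual))
            if actual is None:
                verdict.recommendations.append(f"Collect '{prop}' for this asset, then: {fix}")
            else:
                verdict.recommendations.append(fix)
    return verdict


def failures_by_property(verdicts: list) -> dict:
    """Count how many assets miss each property; this is the data a chart would plot."""
    return dict(Counter(prop for v in verdicts for prop, _, _ in v.discrepancies))


def build_report(assets: list, ideal: dict = IDEAL_ASSET) -> str:
    """Render the assessment as a plain-text report: verdicts, fixes, summary."""
    verdicts = [assess(a, ideal) for a in assets]
    lines = []
    for v in verdicts:
        lines.append(f"{v.asset}: {'COMPLIANT' if v.compliant else 'NON-COMPLIANT'}")
        for (prop, expected, actual), fix in zip(v.discrepancies, v.recommendations):
            shown = "not collected" if actual is None else actual
            lines.append(f"  - {prop}: expected {expected}, found {shown} -> {fix}")
    compliant = sum(v.compliant for v in verdicts)
    lines.append(f"{compliant} of {len(verdicts)} assets compliant")
    # Text bar chart of discrepancies per property, the simplest form of the visualization.
    for prop, count in sorted(failures_by_property(verdicts).items()):
        lines.append(f"  {prop:20s} {'#' * count} ({count})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(build_report(ASSETS))
```

The report can be handed to whatever delivery channel the organization uses; the per-property failure counts are what a chart or dashboard would draw, and the recommendations list is exactly the "eliminating discrepancies" section the article describes.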
3. Advantages of Auto Compliance
Using neural networks to automate Compliance provides several key benefits:
3.1. Saving time and resources
Automation can significantly reduce the time spent on manual analysis and verification. This is especially important for medium and large organizations.
3.2. Improving accuracy
Neural networks are capable of analyzing large amounts of data with high accuracy, minimizing human errors, provided that the agents are fine-tuned in advance.
3.3 Scalability
Auto Compliance scales easily to large infrastructures, as well as cloud environments and distributed systems.
3.4. Constant updating
Neural networks can automatically update themselves to take into account changes in requirements and new threats, highlighting new risks and asset vulnerabilities.
4. Examples of use
4.1. Compliance with ISO 27001
An organization can use Auto Compliance to check whether its assets meet the requirements of the ISO 27001 standard. For example, the neural network checks whether data encryption and regular software updates are configured on the servers.
4.2. Compliance with internal security policies
Companies can use Auto Compliance to check whether assets comply with internal security policies. For example, the neural network checks whether antivirus software and firewalls are used on all devices.
5. The Future of Auto Compliance
With the development of neural network and machine learning technologies, Auto Compliance will become an increasingly powerful tool. In the future, we can expect:
· More accurate analysis: Neural networks will better understand context and complex requirements.
· Risk prediction: Neural networks will be able to not only assess current compliance, but also predict potential risks.
Conclusion
Auto Compliance, powered by AI agents, is a revolutionary approach to automating compliance assessment processes. It allows organizations to save time, improve accuracy, and scale compliance assessments to large infrastructures. In the context of a growing number of standards, regulatory requirements, and information security threats, such technologies are becoming an essential element of security and risk management strategies.