Capabilities of the updated Security Vision KII product
25.02.2025

The updated Security Vision KII product automates fulfilment of the legislative requirements that apply to critical information infrastructure (CII).


Security Vision KII automates the following processes:


   - Maintaining an up-to-date list of CII objects and critical processes

   - Categorisation of CII objects to determine their category of significance

   - Information security threat modelling to identify the threats relevant to the CII subject

   - Assessment of the compliance of CII objects with information security requirements

   - Handling regulator requests and related tasks.


Security Vision KII is suitable both for small and medium-sized businesses and for large enterprises with a geographically distributed structure. For the latter, authority and areas of responsibility can be separated (for example, each branch or controlled enterprise can be isolated from the others).


Categorisation of CII objects


Categorisation of CII objects in Security Vision KII starts with identifying the organisation's critical processes, i.e. those whose disruption may lead to negative consequences. The product builds a list of critical processes and identifies the critical information infrastructure objects that automate them.


The indicators of the significance criteria and their values, which determine the category of significance, are then assessed, and all required information on the CII object is filled in. Information on related assets is populated automatically from the asset model.


The categorisation process produces documents that fully comply with the requirements of the FSTEC of Russia:


   - Information on the results of assigning a category of significance to a CII object, or on the absence of a need to assign it one of these categories

   - The categorisation act for the CII object.


Information security threat modelling


The threat modelling process for CII objects takes into account all impact objects and their components, and the scope of the model can be shaped flexibly.


Threat modelling includes:


   - Determining the negative consequences, in the form of damage to the organisation, of a computer incident that could disrupt or stop the execution of a critical process

   - Identifying potential intruders (threat sources)

   - Adding threat groups automatically or manually

   - Adding ways of implementing threats automatically or manually

   - Adding threats automatically or manually.


Threat modelling is carried out in accordance with the FSTEC of Russia methodological document "Methodology for Assessing Threats to Information Security". The result of the modelling is a list of relevant threats to the impact objects and their components, which in turn form part of the CII object.


Assessment of the compliance of CII objects with information security requirements


The compliance assessment is carried out for CII objects to evaluate the requirements and security measures implemented in accordance with FSTEC Orders No. 235 and No. 239. The assessment is performed by filling in information on the current state of the CII object; the questionnaires can be delegated, fully or partially, to the relevant experts.


A list of unfulfilled and partially fulfilled requirements is generated, with the option of creating tasks to eliminate the nonconformities.


Requests from regulators


Security Vision KII processes requests from the following regulators:


   - Bank of Russia

   - FSTEC of Russia

   - Russian Federal Security Service.


A request received from a regulator is entered into the system. If necessary, a task with a completion deadline is created for a specific assignee, and its execution can be monitored. Two-way integration with the main external ITSM systems is implemented, allowing requests to be created and their statuses tracked.


Reports and dashboards


Security Vision KII provides detailed reports on CII processes, both for submission to the FSTEC of Russia and for internal use.


Dashboards highlight the CII objects that need to be categorised and threat modelled in the near future, helping to track current threats and intruders on an ongoing basis. An interactive map displays statistics on all controlled organisations and branches distributed across the country.
