SOT

SOT

SOAR
Security Orchestration, Automation and Response

Automation of response to information security incidents using dynamic playbooks and information security tools, building an attack chain and with an object-oriented approach

NG SOAR
Next Generation SOAR

Automation of response to information security incidents with built-in basic correlation (SIEM), vulnerability Scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, building an attack chain and an object-oriented approach. AM and VM are included

AM
Asset Management

Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations

VS
Vulnerability Scanner

Scanning information assets with enrichment from any external services (additional scanners, The Data Security Threats Database and other analytical databases) to analyze the security of the infrastructure.

VM
Vulnerability Management

Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions

FinCERT
Financial Computer Emergency Response Team

Bilateral interaction with the Central Bank, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

GovCERT
Government Computer Emergency Response Team

Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

Mail us to sales@securityvision.ru or get demo presentation

Technology partners can expand the ecosystem based on the Security Vision platform and create solutions with their own expertise from scratch or by adapting the existing ones.

The functionality of the constructors is available to partners and clients in the basic Security Vision license. The platform has no artificial restrictions on the number and logic of created objects, processes, reports and commands for interaction with third-party solutions, providing flexibility in customization and connection of any third-party products.

Platform
operating principles

Client-server architecture
The Security Vision platform is built on a client-server architecture, and its components are implemented as web applications running on a web server.
Access via a web browser
Access to Security Vision functions is provided through a web browser operating on the client side without the need for a thick client.
Centralized interface
The Web Portal component manages all platform services. If necessary, individual installations can transfer information among themselves via API, so you can create a common ecosystem both within one company and when interacting with commercial SOCs.

Get a demo of a
Security Vision product

Mail us to sales@securityvision.ru
or get a demo

System
architecture





The Security Vision platform provides many arbitrary options for installing components on individual server capacities, including placing different components in different segments of the organization’s network.

Additional platform fault tolerance can be provided by duplicating the main components.

Due to the microservice architecture, individual elements of the platform can be placed on separate servers and virtual machines.

Security Vision software has a service architecture and consists of these components

Web portal
The main component that provides
users access to the functions of the Platform.
Connector
service
Responsible for receiving events from external systems and ensures implementation
response actions on external systems.
Collector
service
Responsible for receiving events from external systems and ensures implementation.
Processing service
Processes work processes and executes calculations.
Database
The component where data is stored.
Alert service
Processes alerts and sends them to final recipients.
Reporting service
Generates reports and sends them according to a schedule to the final recipients.