Mail us to sales@securityvision.ru or get demo presentation
Anomaly detection with machine learning
AD, ML, dynamic analysis, unsupervised learning, supervised learning
Dynamic behavioral analysis that uses machine learning to find anomalies and possible incidents.
Security Vision AD + ML supports manual and automatic selection of model parameters to improve the quality of detected alarms, as well as retraining on live traffic, which expands its ability to identify anomalies and search for incidents.
Several ML techniques are used together. First, models trained on data sets covering botnet activity, malware, DDoS attacks and other incidents are applied. Unsupervised models, in turn, detect anomalies dynamically by constantly retraining on your data.
Integration with information security tools and other sources of information security events. Collected events are converted into incidents as their number accumulates (for example, when volume indicators are exceeded) and as their total weight grows (each event has a weight). There are whitelists (for exceptions) and lists of critical systems (for which incidents are created automatically, regardless of events and their weight).
~30 unique correlation rules in combination with methods of mathematical statistics (~50 built-in rules) and machine learning: open-source datasets (ddos, bot, lateral, malware, suspicious, etc.), emulation of attack scenarios at the Security Vision cyber testing site, as well as training the system on client traffic (“supervised” models)
The ability to automatically send new incidents and events to SOAR or SIEM, to automatically enrich information on objects from internal and external sources (AD, Whois, etc.), and to run built-in response actions (adding to NGFW blocklists, adding to SIEM active lists and other operations).
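A minimal sketch of the event-to-incident accumulation described above, added here as an illustration and not Security Vision's code. The thresholds, time window, host names and the choice to raise an incident when either the event count or the summed weight is reached are assumptions, since the page gives no values.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    ts: int       # seconds since start of capture
    host: str
    kind: str
    weight: int   # per-event weight, as the page describes

# Assumed tuning values; the page states none.
COUNT_THRESHOLD = 5       # events per host inside the window
WEIGHT_THRESHOLD = 20     # summed weight per host inside the window
WINDOW = 300              # seconds
WHITELIST = {"scanner01"} # exceptions: never raise incidents
CRITICAL = {"dc01"}       # any event raises an incident immediately

def correlate(events):
    """Return incidents as (ts, host, reason) tuples in time order."""
    incidents, recent = [], defaultdict(list)
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.host in WHITELIST:
            continue
        if ev.host in CRITICAL:
            # Critical systems bypass counting and weighting entirely.
            incidents.append((ev.ts, ev.host, "critical-system"))
            continue
        # Keep only this host's events that are still inside the window.
        window = [e for e in recent[ev.host] if ev.ts - e.ts < WINDOW] + [ev]
        if len(window) >= COUNT_THRESHOLD:
            reason = "count"
        elif sum(e.weight for e in window) >= WEIGHT_THRESHOLD:
            reason = "weight"
        else:
            recent[ev.host] = window
            continue
        incidents.append((ev.ts, ev.host, reason))
        recent[ev.host] = []  # reset so one burst yields one incident
    return incidents

# Constructed sample events (not real telemetry).
SAMPLE = (
    [Event(t, "ws17", "port-scan", 2) for t in (0, 10, 20, 30, 40)]
    + [Event(5, "ws22", "c2-beacon", 12), Event(50, "ws22", "lateral-move", 10)]
    + [Event(1, "scanner01", "port-scan", 50), Event(60, "dc01", "failed-login", 1)]
    + [Event(t, "ws30", "port-scan", 3) for t in range(0, 2000, 400)]
)

if __name__ == "__main__":
    for incident in correlate(SAMPLE):
        print(incident)
```

The whitelisted scanner and the slow, spread-out events on `ws30` produce no incident, which is the behaviour to check when tuning the window and thresholds against false positives.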
Security Orchestration, Automation and Response
Automation of response to information security incidents using dynamic playbooks and information security tools, with attack-chain building and an object-oriented approach.
Next Generation SOAR
Automation of response to information security incidents with built-in basic correlation (SIEM), a vulnerability scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, attack-chain building and an object-oriented approach. AM and VM are included.
Threat Intelligence Platform
Cybersecurity threat data collection, analysis, enrichment, infrastructure detection, investigation and response.
Asset Management
Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations.
Risk Management
Formation of a register of risks, threats, protection measures and other control parameters, assessment using the chosen methodology, formation of a list of additional measures to change the level of risk, control of execution, periodic reassessment.
User and Entity Behavior Analytics
Building behavior models and detecting deviations from them using several dozen built-in static analysis rules.
Operational Risk Management
Accounting and recording of operational risk events, monitoring of key risk indicators and self-assessment/control
Vulnerability Management
Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions.
Compliance Management
Audit of compliance with various methodologies and standards
Business Continuity Plan
Automation of ensuring continuity and restoration of activities after emergencies.
Financial Computer Emergency Response Team
Government Computer Emergency Response Team
Operational Technology Security