Asset Management
Asset and inventory management
CMDB, IT assets, accounts, software, management, inventory, update
Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations.
Security Vision AM does not require a large number of information security tools and is suitable for solving problems related not only to practical security, but also to risk management processes, compliance with various standards, etc.
In autonomous mode the product uses its built-in network search mechanism and agentless inventory. When third-party information security and IT solutions (SIEM, uCMDB, vulnerability scanners, etc.) are connected, it collects the necessary information from them with deduplication and enrichment capabilities.
Regular agentless search for new assets, customizable distribution by category, working both offline and with integrations of third-party solutions, without restrictions on the number of objects, their types, network segments, users and roles for companies of any size
Inventory can be performed completely autonomously using the built-in mechanism and/or using third-party solutions (for example, AV/EDR, DLP, VM, LDAP, SIEM, etc.) to aggregate information about the composition of equipment, software, accounts and other information
Monitoring the composition and condition of assets (equipment, protection nodes, software, etc.) from a single web interface with the ability to launch automation scripts as part of collecting information and conducting investigations
Common data sources
Information about assets is enriched, including from third-party solutions, files and databases, for example:
• SIEM;
• uCMDB;
• AV/EDR;
• DLP/EM;
• Vulnerability scanners;
• LDAP directories, AD, open LDAP;
• Lansweeper;
• MS SCCM;
• WSUS;
• VMware;
• nslookup;
and other information security/IT systems
Remote control
Various actions can be performed on multiple assets using bulk operations or on a per-asset basis, for example:
• user blocking/unblocking;
• ending the session;
• checking the version and updating the software;
• software removal;
• obtaining a list of local administrators;
• obtaining a list of rights for a folder;
• obtaining a list of network connections;
• routing table;
• firewall rules;
etc.
Asset categorization
Assets are displayed in a general list with the ability to search, filter and sort by any parameter, as well as divided into categories, for example:
• servers and workstations;
• network hardware;
• data storage systems;
• printers and multifunctional devices;
• telephones and VoIP.
Accounting for business parameters
Consolidation of assets into information systems linked to the organization and branch, as well as taking into account additional parameters, for example:
• confidentiality;
• integrity;
• availability;
• criticality;
• price;
• business owner;
• functions;
• RTO levels.
Reporting
For each asset or selected group, you can generate a report using your own template for downloading as a file in various formats:
• pdf;
• txt;
• docx;
• xlsx;
• ods;
• odt;
• csv.
Reports can contain any properties obtained during inventory.
The appearance can be customized granularly with a choice of fonts, colors, pictures and logos, diagrams, indents, numbering, headers and other characteristics.
Visualization
Assets can be depicted on a map of the organization (uploading background images, icons, animations) or a geographic map (if coordinates are available).
Any types of assets can be connected to each other to build graphs, for example, a software connection graph.
Cards and table views for any type of asset can be customized by adding new properties, columns, buttons without any licensing restrictions.
Mail us to sales@securityvision.ru or get a demo
Security Orchestration, Automation and Response
Automation of response to information security incidents using dynamic playbooks and information security tools, with attack chain building and an object-oriented approach
Next Generation SOAR
Automation of response to information security incidents with built-in basic correlation (SIEM), a vulnerability scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, attack chain building and an object-oriented approach. AM and VM are included
Threat Intelligence Platform
Cybersecurity threat data collection, analysis, enrichment, infrastructure detection, investigation and response.
Risk Management
Formation of a register of risks, threats, protection measures and other control parameters, assessment using the chosen methodology, formation of a list of additional measures to change the level of risk, control of execution, periodic reassessment.
User and Entity Behavior Analytics
Building behavior models and detecting deviations from them using several dozen built-in static analysis rules.
Operational Risk Management
Accounting and recording of operational risk events, monitoring of key risk indicators and self-assessment/control
Vulnerability Management
Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions
Compliance Management
Audit of compliance with various methodologies and standards
User and Entity Behavior Analysis
Dynamic behavioral analysis to search for anomalies using machine learning and to search for possible incidents.
Business Continuity Plan
Automation of ensuring continuity and restoration of activities after emergencies.
Financial Computer Emergency Response Team
Bilateral interaction with the Central Bank, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator
Government Computer Emergency Response Team
Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator
Operational Technology Security