All products

GovCERT

Government Computer Emergency Response Team

Interaction with the regulator

SGRC, CERT, CSIRT, Government, regulator, bulletins, alerts

Product overview

Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator.

Security Vision GovCERT ensures the formation of new tasks, applications and incidents taking into account the regulations, as well as informing the regulator about incidents. The solution can be integrated with the incident management system within the organization.

Reception of messages from response centers can be configured in various forms (JSON or, for example, files like “bulletin.pdf”) depending on the customer’s internal processes. Sending information to operators can be carried out in automatic and semi-automatic (using a button in the interface) modes via API and electronic messages (as a backup channel).

Application

Receiving messages from CERT centers


Automatic generation of new tasks, requests or incidents based on the information received - depending on the customer’s built-in internal processes

Regulator notice


Sending information about incidents by the operator, which can be carried out in both automatic and semi-automatic modes via the main (API) or backup (corporate mail) channels for fault tolerance

Integration with SOAR


Implementation of two-way data exchange with CERT for IRP/SOAR incident management systems and other solutions (for example, ITSM/SD) within the customer’s perimeter to automate routine actions

Get a demo of a
Security Vision product

Mail us to sales@securityvision.ru
or get a demo

Other products

Other products

SOAR

Security Orchestration, Automation and Response

Automation of response to information security incidents using dynamic playbooks and information security tools, building an attack chain and with an object-oriented approach.

NG SOAR

Next Generation SOAR

Automation of response to information security incidents with built-in basic correlation (SIEM), vulnerability Scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, building an attack chain and an object-oriented approach. AM and VM are included.

TIP

Threat Intelligence Platform

Cybersecurity threat data collection, analysis, enrichment, infrastructure detection, investigation and response.

AM

Asset Management

Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations.

RM

Risk Management

Formation of a register of risks, threats, protection measures and other control parameters, assessment using the chosen methodology, formation of a list of additional measures to change the level of risk, control of execution, periodic reassessment.

UEBA

User and Entity Behavior Analytics

Building behavior models and detecting deviations from them using several dozen built-in static analysis rules.

ORM

Operational Risk Management

Accounting and recording of operational risk events, monitoring of key risk indicators and self-assessment/control

VM

Vulnerability Management

Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions.

CM

Compliance Management

Audit of compliance with various methodologies and standards

AD + ML

User and Entity Behavior Analysis

Dynamic behavioral analysis to search for anomalies using machine learning and to search for possible incidents.

BCP

Business Continuity Plan

Automation of ensuring continuity and restoration of activities after emergencies.

FinCERT

Financial Computer Emergency Response Team

Financial Computer Emergency Response Team

OTS

Operational Technology Security

Operational Technology Security

Still have questions?

Mail us to sales@securityvision.ru or get demo