Vulnerability management
security analysis, vulnerability, CVE, CVSS
Builds a process for discovering and eliminating technical vulnerabilities, acquiring information from available security scanners, update management platforms, expert external services and other solutions.
SV VM provides a complete picture of vulnerabilities, their relationships and recommendations from various sources, building a continuous cyclic process with automation of alerts, reports and other necessary actions.
When one or more security scanners are connected, the system automatically creates and categorizes vulnerability descriptions for further remediation. The full cycle of work is possible both with a third-party ITSM/SD system and with the built-in ticketing and SLA management system.
Analysis of scanner reports (e.g. XML), API integration (data collection and running a scan) and other methods of describing, grouping and deduplicating technical vulnerabilities, as well as establishing relationships and using the Data Security Threats Database of FSTEC of Russia, NVD, Microsoft bulletins and other sources.
Static/updated knowledge bases from external analytical services (The Data Security Threats Database, VulDB, Vulners, AttackersKB, OpenCVE, etc.) that complement the quality of the initial reports from scanners.
Defines SLAs for vulnerability remediation requests based on a set of different parameters (e.g. CVSS and IT asset data), with ticket creation both within the solution and in third-party ITSM/SD systems (Jira, Naumen, etc.).
Dimensions of vulnerabilities
Vulnerability cards can be generated independently via the built-in editor or using pre-configured metrics:
The full card displays detailed information about the vulnerability (ID, creation date, criticality) with the ability to use tags (by matching part of the description text with one of the entries in the custom reference book). General information includes the CVE code, dates of first and last detection, and other information from all available sources.
Requests for elimination
Requests generated by the system and assigned to executors are searchable and displayed in a tabular presentation with the ability to sort by each parameter, filter by any properties of cards and related objects.
Separately from the vulnerabilities themselves, requests are managed through specific performers or incident response teams and have their own life cycle that includes status changes, confirmation requests, and execution and SLA tracking. The progress bar clearly shows the current status and remaining time, so that performers and their managers can balance the load.
Autopatching and automatic task confirmation
The system can update vulnerable software to the latest version and roll back changes in case of unsuccessful application either by pressing buttons or fully automatically.
The functionality also includes automatic checks for actual vulnerability remediation when you close tasks: if vulnerabilities are not detected during re-scanning, the system will set the task to "Confirmed" status; otherwise it will return the task to work and mark it accordingly.
Full user control
Users can choose different scenarios for creating tasks and groupings: for example, create separate tasks for specific vulnerabilities and objects, group all vulnerabilities by one asset in other tasks, and for individual vulnerabilities create one task for each vulnerability across all assets where it was found, etc.
The tasks themselves are managed both within the solution (with a full life cycle and automation capabilities) and by transfer to external Service Desk / ITSM systems (Naumen SD, Jira, OTRS, Redmine, etc.), with monitoring of the status of requests in them.
Vulnerability analysis and linkage graph
Depending on the applied security scanners, external and internal analytical services, the solution builds links between objects for quick navigation through cards or link graphs (vulnerability groups, remediation requests, assets and other objects).
Additionally, clickable links to remediation guides and vulnerability descriptions from various sources are provided.
Report generation
For vulnerabilities and trouble tickets, you can generate a report using your own template for uploading as a file in various formats:
Reports can contain any properties obtained in the vulnerability remediation cycle.
The appearance can be customized granularly with the choice of fonts, colors, images and logos, diagrams, indents, numbering, headers and footers, and other characteristics.
Mail us at sales@securityvision.ru or get a demo
Security Orchestration, Automation and Response
Automation of response to information security incidents using dynamic playbooks and information security tools, with attack chain building and an object-oriented approach
Next Generation SOAR
Automation of response to information security incidents with built-in basic correlation (SIEM), Vulnerability Scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, attack chain building and an object-oriented approach. AM and VM are included
Threat Intelligence Platform
Cybersecurity threat data collection, analysis, enrichment, infrastructure detection, investigation and response.
Asset Management
Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations
Risk Management
Formation of a register of risks, threats, protection measures and other control parameters, assessment using the chosen methodology, formation of a list of additional measures to change the level of risk, control of execution, periodic reassessment.
Vulnerability Scanner
Scanning information assets with enrichment from any external services (additional scanners, The Data Security Threats Database and other analytical databases) to analyze the security of the infrastructure.
User and Entity Behavior Analytics
Building behavior models and detecting deviations from them using several dozen built-in static analysis rules.
Operational Risk Management
Accounting and recording of operational risk events, monitoring of key risk indicators and self-assessment/control
Compliance Management
Audit of compliance with various methodologies and standards
User and Entity Behavior Analysis
Dynamic behavioral analysis to search for anomalies using machine learning and to search for possible incidents.
Business Continuity Plan
Automation of ensuring continuity and restoration of activities after emergencies.
Financial Computer Emergency Response Team
Bilateral interaction with the Central Bank, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator
Government Computer Emergency Response Team
Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator
Operational Technology Security