SOT

SOAR
Security Orchestration, Automation and Response

Automated response to information security incidents using dynamic playbooks and information security tools, attack chain building and an object-oriented approach

NG SOAR
Next Generation SOAR

Automated response to information security incidents with built-in basic correlation (SIEM), a vulnerability scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, attack chain building and an object-oriented approach. AM and VM are included.

AM
Asset Management

Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations

VS
Vulnerability Scanner

Scanning information assets with enrichment from any external services (additional scanners, The Data Security Threats Database and other analytical databases) to analyze the security of the infrastructure.

VM
Vulnerability Management

Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions

FinCERT
Financial Computer Emergency Response Team

Bilateral interaction with the Central Bank, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

GovCERT
Government Computer Emergency Response Team

Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

Email us at sales@securityvision.ru or get a demo presentation

Reviews

"Based on the results of competitive procedures, the Security Vision SOAR/SGRC platform was selected to implement the implementation of the cyber incident response automation system. The implementation of all the tasks set was successfully completed by the platform implementation team during 2022. More than 20 manual cyber incident processing operations have been automated in our SOC, sources have been connected to enrich and contextualize data on information security incidents, integrations have been configured to perform automated actions to respond to cyber incidents, asset information collection processes and aggregation of scan results for vulnerabilities have been configured, the process of interaction with FinCERT has been automated, more than 40-for various widgets, dashboards, and graphical representations."

Sergey Kramarenko, Head of the Cybersecurity Department

"MegaFon uses the Security Vision CII solution to automate routine tasks of protecting critical infrastructure facilities. It automates the formation of a list of critical processes, the categorization of CII objects, the development of a threat model, asset management, control of the composition of protective measures for CII objects, as well as interaction with the NCC in terms of receiving and sending information on information security incidents. Due to the wide functionality for integration with MegaFon Security Vision systems, the CII allows you to consolidate information about protected assets and their properties, and flexible configuration of threat modeling processes and monitoring compliance with regulatory requirements for the protection of CII allows you to take into account the nuances of the telecom operator's work."

Alexander Osipov, Director of Cloud and Infrastructure Computing

"With the implementation of the Security Vision platform, Russian Post has gained the opportunity not only to atomically use individual security solutions, but also to build an ecosystem of the same security solutions, as well as to automate the aggregation of necessary data from a variety of internal and external sources for enrichment and contextualization. Due to important and high-quality integrations with most of the information security products and services we use, it becomes possible not only to manage information security/IT tools from a single point and using the user-friendly web interface of Security Vision, but also to build automated processes with minimal human involvement. It is also important to note the flexibility of the platform and the low entry threshold to work with it, since most of the content is developed using the no-code approach via the web interface, which makes it easy to configure workflows and integrations."

Roman Shapiro, Director of the Information Security Department

"After looking at the market, we realized that the best solution for us is Security Vision. We were able to master the product fairly quickly out of the box by building all the necessary integrations with our contractors. Time to market was measured in a couple of months. For a large company with a lot of resources, this is a pretty good result."

Andrey Kashirin, Information Security Director

"We use Security Vision solutions at Rostec State Corporation. We believe that now there is quite a lot of emphasis on automation and rapid response on hosts. And we have integrated our EDR and IRP Security Vision, which allowed us to respond to information security incidents in a fairly semi-automatic mode."

Artem Sychev, First Deputy General Director

"The Security Vision solution, in terms of price-quality ratio, satisfied our needs to the maximum. We implemented it and are actively using it and we plan to develop it further."

Andrey Nuikin, Head of Information Systems Security Department of Vice President for IT

"It is important to ensure a low threshold for entry into the work of specialists with the SOAR system, for example, by using the graphic constructor of playbooks and the low-code/no-code approach in it. These characteristics are possessed by the cyber incident response automation system used in our Center for Countering Cyber Attacks of the Republic of Sakha (Yakutia) - the Security Vision SOAR solution. This product is integrated with the Security Vision Asset Management solution and allows you to build the entire process of managing information security incidents using dynamic playbooks, building a chain of attack and an object-oriented approach."

Ivan Krivoshapkin, Director

"To automate orchestration and response processes, our Center uses the Security Vision SOAR solution, which combines various security systems and simplifies the configuration of response scenarios through low-code/no-code approaches. Due to the vendor-independent approach and the graphical designer of integrations and playbooks, working with the solution is quite easy, some transcendent knowledge is not required to configure it."

Arthur Usmanov, Director

"We are actively working with colleagues from Security Vision, a Russian vendor whose security solutions successfully competed and defeated eminent Western rivals 10 years ago."

Dmitry Larin, Deputy Chairman of the Board

"To solve the problem of automating the response to cyber incidents, we chose the Security Vision SOAR solution. The vendor offers extensive integration capabilities with various IT solutions we use, the most adaptive response scenarios, support for the low-code/no-code approach when setting up integrations and response actions, the use of machine learning methods and neural networks to identify anomalies in the infrastructure, as well as the formation of various reporting and various options for visualizing attacks and the relationships of the entities affected by the incident."

Roman Morozov, The Head of Information Security
