"Based on the results of competitive procedures, the Security Vision SOAR/SGRC platform was selected to implement the implementation of the cyber incident response automation system. The implementation of all the tasks set was successfully completed by the platform implementation team during 2022. More than 20 manual cyber incident processing operations have been automated in our SOC, sources have been connected to enrich and contextualize data on information security incidents, integrations have been configured to perform automated actions to respond to cyber incidents, asset information collection processes and aggregation of scan results for vulnerabilities have been configured, the process of interaction with FinCERT has been automated, more than 40-for various widgets, dashboards, and graphical representations."
Sergey Kramarenko Head of the Cybersecurity Department
"MegaFon uses the Security Vision CII solution to automate routine tasks of protecting critical infrastructure facilities. It automates the formation of a list of critical processes, the categorization of CII objects, the development of a threat model, asset management, control of the composition of protective measures for CII objects, as well as interaction with the NCC in terms of receiving and sending information on information security incidents. Due to the wide functionality for integration with MegaFon Security Vision systems, the CII allows you to consolidate information about protected assets and their properties, and flexible configuration of threat modeling processes and monitoring compliance with regulatory requirements for the protection of CII allows you to take into account the nuances of the telecom operator's work."
Alexander Osipov Director of Cloud and Infrastructure Computing
"With the implementation of the Security Vision platform, Russian Post has gained the opportunity not only to atomically use individual security solutions, but also to build an ecosystem of the same security solutions, as well as to automate the aggregation of necessary data from a variety of internal and external sources for enrichment and contextualization. Due to important and high-quality integrations with most of the information security products and services we use, it becomes possible not only to manage information security/IT tools from a single point and using the user-friendly web interface of Security Vision, but also to build automated processes with minimal human involvement. It is also important to note the flexibility of the platform and the low entry threshold to work with it, since most of the content is developed using the no-code approach via the web interface, which makes it easy to configure workflows and integrations."
Roman Shapiro Director of the Information Security Department
"After looking at the market, we realized that the best solution for us is Security Vision. We were able to master the product fairly quickly out of the box by building all the necessary integrations with our contractors. Time to market was measured in a couple of months. For a large company with a lot of resources, this is a pretty good result."
Andrey Kashirin Information Security Director
"We use Security Vision solutions at Rostec State Corporation. We believe that now there is quite a lot of emphasis on automation and rapid response on hosts. And we have integrated our EDR and IRP Security Vision, which allowed us to respond to information security incidents in a fairly semi-automatic mode."
Artem Sychev First Deputy General Director
"The Security Vision solution, in terms of price-quality ratio, satisfied our needs to the maximum. We implemented it and are actively using it and we plan to develop it further."
Andrey Nuikin Head of Information Systems Security Department of Vice President for IT
"It is important to ensure a low threshold for entry into the work of specialists with the SOAR system, for example, by using the graphic constructor of playbooks and the low-code/no-code approach in it. These characteristics are possessed by the cyber incident response automation system used in our Center for Countering Cyber Attacks of the Republic of Sakha (Yakutia) - the Security Vision SOAR solution. This product is integrated with the Security Vision Asset Management solution and allows you to build the entire process of managing information security incidents using dynamic playbooks, building a chain of attack and an object-oriented approach."
Ivan Krivoshapkin Director
"We are actively working with colleagues from
Security Vision, a Russian vendor whose security solutions successfully
competed and defeated eminent Western rivals 10 years ago."
Dmitry Larin Deputy Chairman of the Board
"To solve the problem of automating the response to cyber incidents, we chose the Security Vision SOAR solution. The vendor offers extensive integration capabilities with various IT solutions we use, the most adaptive response scenarios, support for the low-code/no-code approach when setting up integrations and response actions, the use of machine learning methods and neural networks to identify anomalies in the infrastructure, as well as the formation of various reporting and various options for visualizing attacks and the relationships of the entities affected by the incident."
Roman Morozov The Head of Information Security