MTS RED SOC

Product
Developers: MTS RED (Serenity Cyber Security) formerly MTS Cybersecurity
Last Release Date: 2024/02/29
Branches: Information security
Technology: Information Security Management (SIEM)

MTS RED SOC is a center for monitoring and responding to cyber attacks. The center's specialists analyze what is happening in the customer's IT infrastructure, scan it for vulnerability to new threats, block malware and eliminate the loopholes through which an attacker penetrated.

2024

Adding Kaspersky EDR

MTS RED, a member of MTS PJSC, has supplemented the services of its MTS RED SOC cyber attack monitoring and response center with technology for protecting workstations and servers based on the Kaspersky EDR (Endpoint Detection and Response) solution. MTS RED announced this on April 5, 2024.

Availability in Hybrid Format

MTS RED, a member of MTS PJSC, announced on February 29, 2024 that the services of the MTS RED SOC cyber attack monitoring and response center are now available to customers in a hybrid format.

In the hybrid format, the technological core of the monitoring and response center, the SIEM system, is deployed directly in the customer's IT infrastructure. Only the following functions are outsourced: administration, monitoring, content development, and either the preparation of instructions for responding to cyber attacks or the direct application of technical measures to block them.

Under the hybrid model, MTS RED SOC specialists deploy the SIEM system at the customer's site and set up rules for correlating incoming information security events so that cyber threats are identified in the early stages. MTS RED SOC specialists connect to the customer's SIEM system via a secure communication channel, and all incident data is stored and processed within the company's own perimeter. MTS RED SOC applies the expertise it has accumulated over many years of projects protecting companies in various industries to support and develop the correlation rules, identify cyber attacks, prepare instructions or implement measures to counter attackers, and provide in-depth analytics to further increase the customer's level of security.

If the company already uses a SIEM system, MTS RED specialists help to audit its current state and assess whether enough sources of information security events are connected. In addition, MTS RED SOC provides customers with its own set of rules for correlating information security events, which takes industry specifics into account and has been tested in detecting cyber attacks on the largest companies in Russia. After profiling incident detection scenarios, MTS RED SOC experts perform the full scope of work with the SIEM system, from configuration and support to round-the-clock detection of and response to cyber attacks.

"The demand for a hybrid model for the supply of services for monitoring and responding to cyber attacks is higher than ever. Large companies, especially banks and CII entities, prefer to outsource only those functions that require a large staff of highly qualified, experienced specialists, leaving inside the IT infrastructure the systems that directly store and process incident data," said Ilnaz Gataullin, technical head of MTS RED SOC at MTS RED.