|The name of the base system (platform):||R-Vision SGRC Supervisory center of information security|
|Date of the premiere of the system:||April, 2019|
|Last Release Date:||2019/10/09|
|Technology:||Cybersecurity - Information loss preventions, cybersecurity - the Fraud detection system (fraud), cybersecurity - Information management and events in a security system (SIEM)|
R-Vision TIP (R-Vision Threat Intelligence Platform) is the platform which allows to assemble in the automatic mode compromise indicators from free and commercial channels of exchange (so-called these cyberinvestigations, threat intelligence), to process them, to enrich with the additional information and to involve in internal systems of protection for detection of a possible compromise of systems, timely blocking of threats and investigation of the happened incidents.
2019: Official release of R-Vision Threat Intelligence Platform
These cyberinvestigations represent data on relevant threats, the attacks, tactics and technicians of malefactors and also so-called indicators of a compromise on which it is possible to reveal harmful activity. Early detection of a compromise - one of the key factors allowing to minimize data loss, financial losses and reputation damage of the company.
The R-Vision Threat Intelligence Platform platform provides collecting of indicators of a compromise from different suppliers, their processing, enrichment with an additional context and also export on external means of protecting for monitoring and blocking. Among the supported sources information about threats - data from FINTSERT CENTRAL BANK RUSSIAN FEDERATION Kaspersky Group-IB IBM X-Force Exchange, AT&T Cybersecurity (before AlienVault) and also open data. Thanks to a set of sensors, the product performs monitoring in real time, retrospective search of traces of activity of the malefactor in To IT infrastructure the organization and is notified by analytics of security in case of detection.
All regularly repeating transactions with compromise indicators in R-Vision Threat Intelligence Platform can be executed in the automatic mode that gives important advantage – an opportunity to provide the full automated work stroke, from collecting before blocking with means of protecting.
| ||Active use of indicators of a compromise becomes the integral functionality of many modern means of protecting, allowing to reveal quickly including the suppressed attacks on infrastructure, the facts of a compromise of computer systems and presence of a malicious code. Make work with data streams of cyberinvestigation, arriving on the different channels which are most automated and effective - the main objective of our solution. Application of R-Vision Threat Intelligence Platform together with already available monitors and safety allows to develop considerably their opportunities and to increase chances of the organization in time to detect threat,|| |
Solutions of the class Threat Intelligence Platform become one of important tools of the centers of monitoring and response to incidents of information security. Due to operational providing a detailed picture on threats and automation of actions, such solutions allow to reveal the hidden attacks at early stages, to provide pro-active reaction and also to accelerate investigation of already happened incidents.