RedCheck

RedCheck is the flagship product of the Russian company ALTEXSOFT. It allows you to solve a wide range of tasks: from searching for vulnerabilities to assessing compliance with domestic and international security standards, and is also able to implement a number of measures mandatory for ISDS and GIS.

RedCheck is a security analysis and information security management solution for organizations of all sizes. The program identifies vulnerabilities in operating systems and applications, identifies potentially dangerous settings, assesses compliance with policies and standards, monitors integrity, inventories of equipment and programs, and generates detailed reports.

In addition, this solution is the first domestic security scanner that complies with the SCAP set of standards and specifications, and is also developed taking into account the needs of domestic companies in the field of information security and the requirements of Russian regulators.

2022

Security Vision Information Security Platform Compatibility

AltexSoft and Security Vision have confirmed the compatibility of the Security and Compliance Analysis Tool for RedCheck information security standards and the Security Vision automated information security platform during comprehensive testing. Security Vision announced this on August 17, 2022.

As part of the agreement, the companies will implement comprehensive solutions in the Security IT Operation Center SOC (), Security Governance, Risk Management and Compliance (SGRC), Cyber ​ ​ Risk System (CRS), Incident Response System (IRP), Security Orchestra and Automated Response (), SOAR Threat Intelligence Platform, Security Intelligence. The created software complexes open up great opportunities for automating information security processes of large commercial and. state structures

To build comprehensive protection for the company's IT infrastructure, the integration of RedCheck EPS with Security Vision provides users with a different quality of the vulnerability management process. The software product on the Security Vision platform is adapted to any configuration of the controlled system. Based on the received information, expert processing of scan results is carried out. A plan and specific recommendations are being formed to describe potential risks and eliminate vulnerabilities, "said Dmitry Chernyakov, head of the department for working with partners and clients of ALTEXSOFT.

By sharing RedCheck and Security Vision, organizations can automatically assess the security of their IT infrastructure and automate the assessment, prioritization, and remediation process. With the regular execution of these procedures, the level of information security of the organization significantly increases and the risks of information security incidents are reduced, - said Roman Ovchinnikov, head of the Security Vision execution department.

As part of the Russian cloud vulnerability control service from Rostelecom-Solar

The company Rostelecom-Solar"" announced on July 12, 2022 the launch of the first Russian control service (vulnerabilities Vulnerability Management) within the ecosystem. Solar MSS The solution is provided from. Rostelecom National Cloud Platform In addition to the instrumental, as scannings infrastructures part of the service, customers receive full expert support from Rostelecom-Solar in terms of prioritization and elimination of found shortcomings - taking into account the current landscape. The cyber threats scanner certified RedCheck solution of the domestic vendor "" is used as. ALTEXSOFT More. here

2021: Compatibility with Red OS

In order to develop technological cooperation, AltexSoft and Red Software tested their products, which confirmed the full compatibility of SAZ RedCheck and the Red OS operating system. The test results are reflected in a two-sided certificate. Red Soft announced this on May 27, 2021.

Red OS is a Russian Linux operating system for servers and workstations, providing a universal environment for using application software. The product is certified by the FSTEC of Russia (No. 4060 of 12.01.2019), which confirms its compliance with information security requirements and allows its use in state information systems. "Red OS" is registered in the Unified Register of Russian programs for computers and databases of the Ministry of Telecom and Mass Communications of Russia (No. 3751).

RedCheck is a comprehensive security analysis and information security management solution for organizations of all sizes that searches for and fixes vulnerabilities caused by code errors, incorrect parameter settings, safety password weak protection, unauthorized installation of software and hardware, untimely installation of critical updates and violation of adopted security policies. The product is certified by FSTEC (Russia No. 3172 to 23.06.2025). Registered in the Unified Register Russian programs for and (COMPUTER databases Ministry of Telecom and Mass Communications of russia No. 765).

"In the era of digital transformation, information security issues are becoming extremely relevant. It should be remembered that information protection is a complex process, an important stage of which is analytical work. Thanks to cooperation with AltexSoft, a tool suitable for such work will be available to Red OS users, "said Rustam Rustamov, Deputy General Director of Red Soft.

2017: RedCheck release released

On July 7, 2017, Altex- Software announced the release of a version of the RedCheck product. Simultaneously with the release of the new version of the scanner, inspection control was carried out and its certificate of conformity was extended. FSTEC Russia

The version includes a number of additional functions and features:

• added support for agentless audits of VMware ESXi and VMware vCenter Server 5 and 6 versions.
• all types of audits are available:
  • inventory,
  • vulnerabilities,
  • updates,
  • configurations,
  • integrity control.

• Enhanced platform security audit capabilities Cisco IOS
• added audit of configuration of various models of Huawei network equipment and Russian network equipment "Bulat"

Added audit DBMS MySQL and. PostgreSQL The control mechanism of scanned DBMS has been improved. Expanded integration capabilities RedCheck with " Active Directory^[1]

Added user-level configuration audit. This allowed you to cover the full range of Group Policy settings and enhanced the ability to evaluate the resulting policy's compliance with security settings.

It became possible to create scan profiles that allow you to use the inheritance principle to create your own configurations of security settings. Now the scanner can use third-party "compliance" compatible with the XCCDF specification.

The Windows agentless scanning mechanism is developing.

The information content of the inspection results has been improved. The version displays the current status of the parameters of the system being tested. This allows you to see in one window both the real parameter settings and the recommended ones. Enhanced Report Designer capabilities.

RedCheck uses a version of the OVAL interpreter (processor) that supports the latest version of 5.11 OVAL Language. Now RedCheck allows you not only to detect vulnerabilities, fix them with the installation of security updates.

The version combines the capabilities provided by the Windows Server WSUS role and the scanner update audit functions. The WSUS console add-on supplied as part of the distribution expands the capabilities of WSUS and allows you to install updates to Adobe, Google, Mozilla, Oracle and others.

And also:

• fixed known problems,
• faster scanning,
• expanded the range of scanned platforms and applications,
• added configurations from the Microsoft Security Compliance Manager (Security Guide),
• updated configurations for privacy (telemetry settings),
• updated configurations to protect against ransomware and cryptoviruses
• much more.

The current certified version of RedCheck is provided to users free of charge under current license agreements and is available for download in the "Certified Update Center" and on the company's corporate portal.

2015: Security settings for built-in Windows security features such as Software Restriction Policies (SRP) and AppLocker

AltexSoft, having investigated the capabilities of countering modern cryptoviruses (Cryptolocker, Cryptowall, CTB-Locker, etc.), developed and announced in September 2015 special configurations of security parameters for built-in Windows protection tools, such as Software Restriction Policies (SRP) and AppLocker, blocking the launch of malware. Bench tests conducted by the company's experts have shown that as preventive measures, these simple mechanisms are effective against cryptoviruses.

"One of the most actively developing malware of recent years is ransomware. These are, in fact, Trojans, who, entering the operating system environment, encrypt all available files, block the operation of a computer or individual programs, and then extort money from the victim for decryption or release, - explained in AltexSoft. - The most dangerous among them is considered to be cryptoviruses. These malicious programs do not damage the system, but selectively encrypt the most valuable files, including databases and archives with backups. "

SRP and AppLocker allow you to apply locks that will prevent the virus from starting from folders belonging to the user's profile (% AppData%, Temporary Internet Files,% Temp%, etc.). In addition, these locks do not allow various "tweakers," "optimizers," instant messengers and other unsafe software that works, by analogy with cryptovirus, from non-system folders and, accordingly, do not require privilege escalation to run, indicated in "AltexSoft."

Configurations developed by AltexSoft are available for automated checks using the RedCheck security analysis tool and other scanners that support the SCAP protocol. According to the developers, the configurations include about forty checks, each of which is decomposed to a dozen sub-parameters.

When applying the configuration, the startup is blocked: executable files and scripts from user profile directories, temporary file directories, recycle bin; svchost.exe from non-standard places; executable files and scripts from archives masquerading as archives, multimedia files, images, text documents, and Microsoft Office documents; known malicious processes; BCDEdit utilities, etc.

RedCheck users (including demo users) with the next update of the program's content will be able to independently audit security settings and assess their chances of becoming another victim of ransomware. To check local computers, you can use the free ComplianceCheck utility, which can be downloaded from the official website of AltexSoft.

As a bonus, users of paid RedCheck licenses will have access to downloading files to create GPOs that automatically configure the specified policies in the domain, peer-to-peer network, or locally, the company noted.

AltexSoft experts also recommend, along with the proposed policies, the use of traditional organizational and technical protection measures. "Given the increased activity of cyber fraudsters, AltexSoft experts consider it important to once again pay attention to the problems of safe configuration of systems and the level of training of their administrators. Proper configuration and subsequent control of the operating system is an effective preventive measure in ensuring the security of any company, the AltexSoft emphasized. "Increasing security through the application of proven policies does not require significant additional financial investments, which is important in modern economic realities."

Notes