Project

Aviadvigatel implements IBM's system for collecting and correlating information security events

Customers: UEC Aviadvigatel

Perm; Mechanical engineering and instrument making

Contractors: Asteros
Product: IBM QRadar Security Intelligence Platform (QRSIP) Security QRadar SIEM

Project date: 2014/08 - 2014/11

Content

On December 16, 2014, Asteros Information Security announced that it had completed the implementation of IBM QRadar SIEM, a corporate platform for collecting and correlating information security events, in the CIS of JSC Aviadvigatel.

Project Tasks

Historically, the design office's work has involved a high level of data security for the equipment it develops and manufactures. To increase the security of the IT infrastructure, reduce the probability of attacks on critical company assets, and minimize possible damage if information security (IS) threats materialize, the concept of an end-to-end protection system for JSC Aviadvigatel was developed in 2013. One of its key components is a subsystem for identifying cybersecurity incidents based on a SIEM (Security Information and Event Management) solution.

The choice was made in favor of IBM Security QRadar SIEM from IBM Security Systems. Asteros Information Security was selected as the project contractor.

Project Progress

Within the project for Aviadvigatel, IBM Security QRadar collects information from more than 100 sources, which is analyzed using 130 correlation rules. In addition, 20 non-standard scenarios for identifying cybersecurity incidents were developed specifically to take into account the specifics of the design office's activity.

One of the objectives of implementing IBM Security QRadar is producing and delivering operational reporting on the use of the IT services available in the company, which the specialists of the IT and cybersecurity services need. For this purpose the contractor's team developed 10 configured reports and prepared 5 different dashboards intended for user groups. In addition, to support internal control over the use of the video conferencing service, the Asteros Information Security team, for the first time in its practice, integrated the SIEM solution with the Tandberg VCS video conferencing system.

Project Results

The implementation of IBM Security QRadar provided a proactive approach to information security management, based on identifying potential threats and anomalies connected with the activity of IT systems.

"The main project deliverable for us is the opportunity to see the broad picture of all events in the IT infrastructure," noted Sergey Bormalev, the director of information technology of JSC Aviadvigatel. "Increased awareness of the information security status of the company's resources allows us to reveal problems before they lead to a cybersecurity incident, and to react to them quickly. But even if an incident occurs, we have all the tools to investigate quickly, building the relevant evidence base for them. This solution was developed entirely for us, and we are happy with the result."

"It is a great honor for us to act as a partner of the Aviadvigatel design office, which played an important role in the history of our country's military victories and continues to develop competitive Russian civil-purpose products," said Dmitry Moiseyev, the head of the IS analytical systems practice at Asteros Information Security. "To meet the requirements of such a client, we relied on the SIEM solution that leads its class, IBM Security QRadar SIEM. During the project its standard functionality had to be refined and extended to take into account the specifics of the design office's internal processes, to provide the necessary quality of monitoring and incident management, and to control the execution of the company's security policies. It was a most interesting experience, and we hope to continue cooperation with JSC Aviadvigatel in other areas of information security."