Customers: Stroylesbank, CB LLC
Contractors: Softline
Product: Kaspersky Endpoint Detection and Response (KEDR)
Second product: Kaspersky Anti Targeted Attack Platform (KATA)
Project date: 2019/04 - 2019/09
2019: Implementation of an end-to-end system of protection against targeted attacks
On September 12, 2019, Softline reported that it had implemented an end-to-end system of protection against targeted attacks, based on innovative Kaspersky Lab solutions, at the commercial bank STROYLESBANK (LLC). The customer can now detect and block hard-to-detect attacks automatically and analyze emerging threats with the help of a round-the-clock monitoring service.
According to the company, one component of the mission of CB STROYLESBANK (LLC) is ensuring the safety of clients' money and guaranteeing complete confidentiality of settlements. In an era of digital transformation of business, raising the level of information security is especially relevant, including building comprehensive protection against targeted attacks and zero-day threats. Such intrusions rest on techniques for bypassing the protection tools in use, which is why traditional solutions are insufficiently effective. Raising the level of cybersecurity required introducing emulation tools for analyzing malicious objects and proactive monitoring of the infrastructure. The bank needed to select a reliable solution that would solve all of these problems.
A mandatory criterion when choosing the solution was the ability to process and add detection rules based on the mailings of indicators of compromise (IoC) recommended by FinCERT. An IoC contains all the information needed to find and neutralize the attacker's tools: names of antivirus tools for recognition, methods of infection and penetration, markers of the tools being unpacked on a target host, and general countermeasures.
Softline experts proposed that the customer implement a set of Kaspersky Lab protection tools consisting of Kaspersky Endpoint Detection and Response (KEDR), a solution for instant threat identification and response to cyber incidents on endpoint devices, integrated with the comprehensive counteraction system Kaspersky Anti Targeted Attack (KATA). The products are complemented by the round-the-clock monitoring service Kaspersky Managed Protection.
Kaspersky Endpoint Detection and Response can continuously track anomalies and suspicious processes on employee workstations and display all collected data in a convenient visual form. The solution recognizes threats and responds to incidents, making it possible to substantially automate the search for malware and intrusions into the corporate network and minimizing threat response time.
KATA helps build a reliable corporate information security system: the platform automates data collection and analysis and provides centralized recording and storage of the data for effective investigation of multistage attacks and for passing the necessary information to regulatory authorities.
"To implement such a large-scale cybersecurity project, we needed to prepare the customer's IT infrastructure. It was important to select reliable and available server hardware with a high level of service that would provide the bank with the necessary capacity. Together with the vendor's team, we quickly put together an optimal equipment configuration based on Hewlett-Packard Enterprise solutions," said Alexander Vereshchagin, head of the hardware solutions sales development group at Softline in the Ural Federal District.
"The management of STROYLESBANK highly appreciated the competence of the Softline team. The company's specialists took on full support of the project: they helped with the choice of solutions, organized full-featured pilot testing that took our wishes into account, and carried out the implementation of KEDR and KATA in the bank's infrastructure with high quality and on time. The offered products have a user-friendly and intuitive graphical interface. With their help we automated routine procedures for preventing and investigating cybersecurity incidents: loading indicators of compromise, searching for compromised nodes, creating our own response rules, reports and much more. And the Kaspersky Management Protection service makes it possible to draw on the expertise of Kaspersky Lab specialists when investigating incidents, without bringing computer forensics specialists onto the staff," said Alyona Ignatyeva, head of the information security department at CB STROYLESBANK (LLC).