Project

Special Communications and Information Service of the Federal Protective Service of the Russian Federation (Security Vision Incident Response Platform (Security Vision IRP) SOAR)

Customers: Special Communications and Information Service of the FSO - Special Communications and Information Service of Federal Guard Service of the Russian Federation (Federal State Unitary Enterprise GTsSS, Main Center of Special Communication)

Product: Security Vision Incident Response Platform (Security Vision IRP) SOAR
Based on: Security Vision, a specialized platform for automating information security processes

Project date: 2019/05 - 2020/06

2019-2020: Center of monitoring and information security management of Security Vision

The Special Communications and Information Service of the Federal Protective Service of the Russian Federation is the structural division of the FSO of Russia that, within its powers, organizes and ensures the operation, security, development and improvement of governmental and other types of special communication and information systems for federal public authorities, public authorities of territorial subjects of the Russian Federation, and state bodies. Ensuring maximum protection of the Service's data assets is a task of nationwide importance.

In 2016, as part of the creation of the Center for monitoring and obtaining analytical information, the Security Vision SOC solution was implemented, and its functionality was gradually expanded. In 2019, specialists of Intellektualnaya bezopasnost Group implemented in the Center the Security Vision IRP system for automating cybersecurity incident response procedures, to further increase the performance of the cybersecurity incident management, response and investigation processes.

Implementing the Security Vision SOC and IRP functionality produced the following main results:

  • Processing of information security incidents, taking into account the specifics of the Service, was created and automated;
  • New nodes of the monitoring infrastructure were installed and configured;
  • Key sources of information security events were connected;
  • Rules for identifying information security incidents were implemented;
  • The vulnerability management process was automated;
  • The risk management process was automated;
  • Incident response scenarios were developed and implemented.