BI.ZONE ThreatVision

Main article: Security Information and Event Management (SIEM)

The TI-class product provides cybersecurity teams with operational intelligence on emerging threats and trends from multiple sources. The findings allow employees to quickly respond to incidents and build a cyber defense strategy.

2021: Integration with Eset Threat Intelligence data streams

harmful The BI.Zone ThreatVision threat detection and activity localization platform has improved its quality data by integrating Eset with international threat data flows. Combining recognition technologies protects the business from threats that are currently relevant for each individual industry, the company said on February 25, 2021. BI.Zone

According to Check Point statistics, 58% of organizations faced an increased number of cybersecurity incidents in 2020.

"The average time to detect a company infrastructure hack is a frightening 200  days. Over such a period, attackers manage to prepare a destructive scenario for business from any industry. Therefore the awareness on relevant threats allows the companies to be prepared and block a possibility of a compromise in advance", - the area manager Eset Threat IntelligenceAleksandr Pirozhkov noted.

Automating the collection of compromise indicators, as well as uploading data in a convenient format, saves labor and increases business efficiency. The BI.Zone ThreatVision platform interface allows you to find threats known to various vendors, as well as integrate indicator streams into the most popular security tools.

"Cooperation with Eset allowed us to unite technologies and experience in the sphere of protection of corporate information systems to improve our product for prevention of incidents of safety of BI.Zone ThreatVision. Such solutions have long been in demand on the  international market and are gaining popularity in the Russian Federation, since they are convenient and understandable  to use. The platform's tools allow you to prevent cyber attacks, increase the speed of response to incidents and minimize damage from them, "said Yevgeny Voloshin, director of the BI.Zone.

An array of data on compromise indicators is formed using more than 100 million sensors around the world and botnet trackers. The user of the platform receives clearly categorised data relevant to the specific business sector.

2019

Provision by MegaFon of data on fraudsters and their victims

On September 24, 2019, the company BI.ZONE announced the expansion of cooperation in the field cyber security with. As telecom operator MegaFon part of a technology partnership, the operator began to provide real-time information about fraudsters and their victims to the developer. This information is automatically available to all members data of the Cyber Threat Sharing Platform.

According to BI.ZONE, in Russia 80% of thefts from the accounts of individuals are carried out using social engineering methods: the victim succumbs to the tricks of fraudsters and transfers money to them herself. Most often, attackers contact bank customers by phone and via SMS messages. Therefore, mobile operator data on incidents significantly reduce the number of attacks in the financial sector.

Thanks to BI.ZONE's collaboration MegaFon with the Cyber Threat Data Exchange Platform, information will be received about malicious resources, including those used for phishing attacks, infections, malware fraudsters and their victims. If you use this information in the work of the financial antifraud institution system, this will significantly increase the level of detection. bank fraud At the same time, special rules developed by BI.ZONE analysts will make it possible to identify with high accuracy subscribers whose devices are infected with malicious. ON

"Our partnership with BI.ZONE began during the pilot period of the platform launch - at the start we provided addresses of malicious and phishing domains. As of September 2019, we are expanding cooperation by adding data on fraudsters and their victims to the general threat base. This information is especially relevant for players in the financial sector, as it allows you to effectively fight bank fraudsters. We record the activities of the latter and transmit relevant data to BI.ZONE analysts, " noted' Sergey Khrenov, Director of Fraud and Revenue Loss Prevention, MegaFon PJSC "

"Current information is a key success factor in the fight against modern digital threats. However, alone, no financial institution can afford to accumulate the right amount of data to prevent cyber attacks. This would require significant costs both for the acquisition of information from various sources and for the maintenance of a large team of high-class experts in the field of cybersecurity. Combining efforts in data collection makes it possible to feel the maximum effect of using information about cyber threats: reliable proactive protection with significant resource savings, " noted' Anton Okoshkin, BI.ZONE Technical Director '

Prevention of damage of 8 billion rubles for banks for the year of operation

On August 29, 2019, BI.ZONE, together with the Association of Banks of Russia, announced the summation of the first year of the cyber threat data exchange platform, which already included about 70 financial organizations. Over the year, the platform helped banks prevent damage of 8 billion rubles.

As reported, the solution helps counteract to the attacks attackers through collaboration between participants, thorough testing and selection of sources information , taking into account industry and regional specifics. At the same time, only current data is available to participants: tens of thousands of signs are automatically added and updated to the platform every day to recognize a potential threat (compromise indicators). Data sources are all Russia organizations connected within the Association of Banks, as well as technology partners, including, FINTSERT Bank of Russia tool developers, cyber security an international anti-virus company, ESET major operators, an communications incident monitoring and response center.ZONE BI CERT and many others.

Within the framework of the technological partnership, BI.ZONE and the Association of Banks of Russia get access to the data of the telemetry service ESET Threat Intelligence.

Technology is constantly evolving, and the only way to get ahead of cybercriminals is to unite security efforts. We are pleased to see that cybersecurity issues around the world are beginning to receive increasing attention. The data exchange platform for financial institutions in Russia is certainly a step towards more reliable protection for both banks and their customers. This platform strengthens cybersecurity in one of the most vulnerable sectors that is constantly targeted by cybercriminals. narrated by Roman Kováč, ESET Research Director

The advantages of collaboration were first demonstrated in Moscow at an online training on international business cooperation in the fight against digital threats. During the event, three large-scale scenarios of cyber attacks were worked out - massive DDoS attacks, SQL injections and phishing. In the first part of each scenario, participants were asked to defend themselves, in the second - they connected to the data exchange platform and fought threats together. After connecting to the platform, the effectiveness of repelling attacks increased by more than 7 times.

2018: Launch of cyber threat data exchange platform

The Association of Banks of Russia, with the technical support of BI.ZONE (BIZON LLC), in 2018 launched a data exchange platform, the main functionality of which is the ability to obtain up-to-date and verified data on modern cyber threats.

The platform provides a trusted information exchange service within the banking industry and allows participants to automatically receive verified and relevant information about compromise indicators in real time. The platform analyzes, groups, brings into a single format, enriches the data and checks its reliability.

The exchange platform data cyber threats allows you to build proactive protection financial in organizations.

The introduction of the Platform into the daily practice of cybersecurity specialists allows you to increase the reliability of the protection of credit institutions, the effectiveness of investigations, the speed of response and elimination of the consequences of incidents, as well as reduce damage from the actions of intruders.