Customers: MS Bank Rus (Bank Capital Moscow) MC Bank Rus Moscow; Financial services, investments and audit
Contractors: Softline
Product: ISOC Information Securities
Project date: 2022/09 - 2023/04
2023: Implementation of iSOC
On May 29, 2023, Softline announced the provision of the iSOC service for JSC MS Bank Rus, which made it possible to create an effective system for monitoring and responding to incidents, as well as increase the level of information security of the bank.
MC Bank Rus JSC had previously used the QRadar SIEM system, and the customer decided to replace it with another service. As later developments showed, this turned out to be a timely step, since IBM left the Russian market.
MC Bank Rus JSC considered several options for implementing the project: acquiring a solution from Russian manufacturers, building a hybrid SOC, or using SOC as a service.
"At the stage of selecting the contractor, Softline specialists formed technical and commercial proposals and selected options suitable for the composition of services and cost. A highly competitive environment was taken into account, since some of the strongest players in the market for these solutions took part in the competition stage," commented Ilya Volodichev, Softline Key Account Manager.
After assessing the financial costs, the connection timeline and the load on its own specialists, the bank chose the SOC as a Service model. One of the decisive factors in choosing a solution from Softline Group of Companies was that the Infosecurity SOC service is supported by specialized experts.
During the transition to the service, Softline specialists faced the following key tasks: preserving the logs of the previously operating SIEM solution and connecting the main event sources as soon as possible. The company completed these tasks in a short time thanks to its deep involvement in the customer's situation from the earliest stages of the project.
Prompt implementation of the key points made it possible to move on to finer tuning and working out the details of the service. Part of the control was transferred to Softline specialists, which reduced the load on the customer's IT personnel and increased the speed of response to events. The schemes of interaction with MC Bank Rus specialists were worked out in detail: the most important scenarios for the customer and the notification procedure in the event of these incidents. Work is also being carried out on "individual refinement" within the framework of additional client requests.
The effectiveness of the service was tested with a penetration test (pentest) performed by a third-party organization without notifying Softline specialists. The SOC promptly responded and tracked all illegitimate events.
"The introduction of SOC allowed the customer to minimize the risks of unauthorized entry into the infrastructure, which is a critical point for such a security-demanding sector as banking. The implementation of the project also made it possible to unload the customer's specialists by transferring part of the cybersecurity tasks to Softline. Thanks to this, the customer not only secured its infrastructure, but was also able to save resources, both financial and personnel," said Andrei Medvedev, head of the cybersecurity development department at Softline.
"The flow of events and information monitored by the SIEM system is extremely large. With the forces of Softline, we assess the most critical situations more specifically and in detail and can quickly respond to them, which improves the quality of information security of the bank. Now the key incidents that are Softline's area of responsibility are highlighted, and we can quickly take active action to eliminate possible risks," concluded Andrey Nikulshin, head of the information security department at MC Bank Rus JSC.