Крок: Cloud Security Services (CSS)

The main articles are:

• SaaS - History. Philosophy. Development drivers
• Security Information and Event Management (SIEM)

2023: Cloud Security Services Launch

CROC Cloud Services, together with K2 Cybersecurity, launched Cloud Security Services (CSS), a set of measures and services to ensure security in cloud environments. It identifies, prioritizes, and mitigates security risks and addresses compliance challenges to protect IT infrastructure. CROC announced this on December 7, 2023.

The complex was developed on the basis of many years of experience and projects of CROC Cloud services and K2 Cybersecurity"," carried out for customers from industries, finance retail FMCG, industries and others. Cloud Security Services provides ready-made services, a certain set of which quickly connects to a specific customer task: network protection,, OS applications,, information monitoring and response to security incidents, management, vulnerabilities access control. Services are deployed on the basis of a proprietary CROC cloud platform with built-in security tools implemented in accordance with the requirements of the law. Continuous monitoring of incidents is carried out by a team of experienced experts of the Monitoring Center () "K2 cyber security SOC Cybersecurity," the average response time is 2-4 hours.

The number of requests to CROC Cloud services for protection tools has grown 4 times over the past six months. Moreover, many companies did not need point solutions, but the entire protection system of the organization. For example, in 8 weeks we ensured the complete transition of the international bank to domestic information protection tools, deployed them in our cloud, and also connected the client to SOC. It was such comprehensive projects that prompted us to combine expertise with K2 Cybersecurity and create Cloud Security Services. The product meets the market's requests for solving problems in one window mode in a short time, - said Sergey Zinkevich, director of the CROC Cloud Services business unit.

Cloud Security Services consists of two levels. The first is a cloud platform certified for all legal requirements. In particular, the CROC Cloud received the highest (0.92) among public clouds assessment of compliance with the requirements of GOST R 57580.1-2017 "Security of financial (banking) transactions. Information protection of financial institutions, "as well as certified (UZ-1) by the ISDS 152-FZ and received a certificate of compliance with PCI DSS 4.0 requirements. Technical support of information protection means complies with the requirements of GOST R ISO/IEC 20000-1-2021. When developing services, we took into account the requirements of the Zero Trust security model. Most cybersecurity services are originally already built into the CROC Cloud (IAM, Cloud Firewall, VLAN, VPC, SDN, SDS).

The second layer is ready-made cloud infrastructure protection services. Solutions from UserGate, Kaspersky Lab, FACCT, CheckPoint, R-Vision, Mitigator, iT Bastion, Sangfor and others can be deployed to identify, prioritize and eliminate security risks. System components are managed by SOC K2 Cybersecurity.

{{quote "For each individual client, the cybersecurity of its systems is audited, bottlenecks in the IT infrastructure are identified. Then a strategy for building a protection system is developed, and after the approval of the project, we introduce a set of services, certify the system. In addition, we focus on raising employee awareness of infrastructure protection. As a result, the client receives a solution that meets regulatory requirements and allows him to flexibly adapt the system to the changing needs of the business, "said Andrey Zaikin, director of business development at K2 Cybersecurity. }}