The main articles are:
2023: Russian Security Analysis Market Trends Analyzed
Angara Security analyzed more than 200 implemented projects and competitive procedures in the field of security analysis for 2022-2023. The main conclusions of the study:
- About 60% of security analysis projects are implemented within two price segments: from 500 thousand rubles to 1 million rubles (23.7%) and from 1 million to 2 million rubles (37%).
- Compared to 2022, the share of projects in the marked price segments increased by an average of 65%.
- Security analysis services are most in demand among financial institutions and insurance companies (about 40% of projects and competitive procedures), telecom and IT companies (28.8%).
Among the most demanded services in the field of security analysis are the following areas:
Budget from 500 thousand to 1 million rubles: services of external and internal pentest, analysis of the security of web and mobile applications. Angara Security analysts associate the growth in the number of projects in this price range with requests to check the level of security of user digital services and applications, as well as with interest from small and medium-sized businesses, IT developers who previously did not pay much attention to information security.
Budget from 1 million to 2 million rubles: most often this category includes services that require automated security analysis and an expert approach to risk assessment and vulnerability management. These include code analysis services, sociotechnical research, testing using social engineering tools, monitoring the security of the external perimeter, critical information systems.
 | The growth of projects in this category is more often associated with repeated requests from customers who already have experience in conducting pentests, understand what result they need from this type of testing and increase the requirements for expertise and experience of the team organizing the security assessment, "said Andrey Makarenko, head of business development at Angara Security. |  |
Analysts also note the demand for solutions for monitoring the effectiveness of information protection tools on the external perimeter, therefore, the market also requires comprehensive simulation of cyber attacks (red team) with verification of the reaction of employees of internal SOC centers and information security units in branches of large companies.
| | There is also a growing demand for security analysis in white box mode. Such pentests identify almost all application vulnerabilities and are most effective. At the same time, there are high requirements for professionalism, training and certification of the team of performers, − was supplemented by Mikhail Sukhov, head of the security analysis department at Angara Security. | |
Among the promising areas in the field of security analysis, Angara Security analysts also note the automation of checks that can be carried out without the involvement of experts, as well as the integration of OSINT and analysis tools into comprehensive penetration test services, phishing attacks control of the external perimeter attack surface, comparison of techniques industries and attacks.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |