Future Crew: Security Analysis

The main articles are:

• Security Information and Event Management (SIEM)
• Firewall

2024: Presentation of the Security Analysis Complex

The Future Crew Innovation Center, part of MTS PJSC, on February 9, 2024 presented a set of proactive cybersecurity services "Security Analysis." The product is based on CICADA8 expert services, uses an ecosystem approach and allows you to ensure comprehensive security of the organization's IT infrastructure.

The release of Security Analysis is an important step for CICADA8. We are significantly expanding the range of our services and can now offer customers comprehensive cybersecurity support for their resources. Thanks to working with a large-scale MTS infrastructure, we often face non-trivial tasks, after which projects on a smaller infrastructure are given to us much easier, "commented CTO CICADA8 Aleksei Kuznetsov.

Future Crew's Security Analysis includes twelve business information security services that can be divided into four areas.

1. Training of information security personnel

Simulation of a cyber attack (Red Teaming) allows you to assess the effectiveness of the customer's information security service in an incident as close as possible to the real ones. In particular, to test the ability of employees to quickly detect and respond to attacks. To do this, CICADA8 experts simulate complex attacks on the level of APT groups, the purpose of which may be to obtain financial or other benefits, harm the customer or his customers.

Also, within the framework of this service line, an increase in the efficiency of the information security service (Purple Teaming) is available. With constant interaction of attackers and defenders, mechanisms and measures of protection are checked, blind spots are detected, coordination of monitoring and protection services is worked out. This service provides an assessment of the real level of cybersecurity and improves the ability of the organization to detect attacks.

2. Penetration testing

Services in this direction detect possible vectors of attacks on the IT infrastructure. During external penetration testing, CICADA8 specialists identify vulnerabilities in external systems of the organization - that is, in services available from the Internet. Internal penetration testing finds vulnerabilities in the company's internal infrastructure. Based on the results of both tests, experts demonstrate the exploitation of the most critical vulnerabilities and provide recommendations for their elimination.

A comprehensive analysis of the security of web applications using white box (with code access) or gray/black box methods makes it possible to detect vulnerabilities in the application, the exploitation of which can lead to unauthorized access to components and critical information being processed. Similarly, CICADA8 experts analyze the security of a mobile application to identify vulnerabilities in it and determine the possible consequences of their implementation.

Sociotechnical testing tests the vigilance and cyber literacy of company employees through resistance to social engineering methods. To simulate attacks on users, experts CICADA8 use phishing mailings and sites, distribute infected flash drives in the client's office, call employees, provoking them to issue confidential data, and also check the possibility of physical penetration into the customer's territory.

One-time scanning for vulnerabilities using automated tools identifies vulnerabilities in network services and applications. Further, CICADA8 experts carry out manual validation of the discovered vulnerabilities, determine the possible consequences of their exploitation and make a list of recommendations for their elimination.

3. Investigation of incidents

This area includes services for finding traces of incidents and working with their consequences. Analysis of possible compromise allows you to detect complex attacks in the early stages of their implementation and successful penetration into the customer's infrastructure in the past. In particular, identify malicious or unwanted programs, as well as traces of unauthorized access to client resources. If signs of compromise are found, experts provide recommendations for further action.

In the course of responding to incidents, experts CICADA8 confirm the fact of the incident, help stop its development and neutralize the presence of the attacker. Next, the incident is investigated and the identified malware samples are analyzed. Based on the results of the investigation, experts give recommendations on improving protection and preventing such incidents in the future. Experts also help in cooperation with state authorities and regulators.

4. Consulting

The Cyber Resilience Analysis helps determine how customer-selected ways to handle information security risks meet its business needs, taking into account current trends in targeted attacks. This is a comprehensive service that includes penetration tests, analysis of attacks relevant to the customer's sphere and the completeness of their coverage, as well as selective audits of information security processes.

In addition, CICADA8 specialists provide consulting support for a wide range of tasks: from assessing the compliance of the organization's IT infrastructure with regulatory requirements and assessing information security risks - to auditing according to ISO/IEC 27001 or using the methodology of its own development, construction and documentation of various processes and information security systems.

Future Crew's main activity is development, and ensuring their cybersecurity is one of the company's priorities. This expertise allows us to solve not only classic information security problems, but also to manage the bisen risks of products. We have previously offered hacking trace detection and incident investigation services to our customers. Now we have increased the range of our expert information security services by an order of magnitude, having received a full-fledged portfolio of cybersecurity services, "said Elena Prudnikova, director of business development and sales at Future Crew.