Trading house "Energo" chose "SearchInform SIEM" to analyze information security events

2024: SIEM Implementation

Trading house "Energo" (hereinafter - TD "Energo") has introduced the SIEM system from "SearchInform" to prevent incidents and strengthen information security. The cooperation began in May 2023 after the completion of the pilot project. "SearchInform SIEM" allows Energo TD to process a large stream of events in the company's IT infrastructure in real time and respond quickly to them. SearchInform announced this on April 10, 2024.

The main criteria in favor of choosing SearchInform SIEM were a large number of pre-installed connectors (including for import-substituted solutions) suitable for Energo TDs (WinEvent,, Linux GPO, AD Monitoring,,, Kaspersky,, Cisco,,, UserGate MS SQL PostgreSQL VMware Syslog, SSH etc.), the ability to send notifications to, as well as Telegram quick system implementation, ease of use and price justification.

For April 2024, SIEM is a necessary tool for any company that stores and processes a large amount of sensitive information. TD "Energo" is a distributor of food, animal goods and non-food goods for chain retail companies. Therefore, it is important for us that the company's IT infrastructure, client applications are under reliable protection, "said Konstantin Chernetsov, information security specialist at Energo TD. - After implementation of SIEM system from SearchInform, we record up to 50 information security events every day, which require special attention and control. So, with its help, we were able to identify the mass distribution of letters with malware and respond to the threat in time.

The customer also highly appreciated the built-in functionality of the SIEM system, which automates part of the processes and reduces the load on the information security department of the company. The program collects and analyzes a large stream of information security events in different points of the infrastructure for high-quality investigation of incidents.

When we developed SIEM, we made it "boxed" from the very beginning. So that the customer sees the effect immediately after installation, connecting sources by ready-made connectors and correlation rules from the pre-installed database. Therefore, initially they relied on the speed of deployment. The installation boils down to unpacking distributions and a few clicks on the "Next" button, so even a specialist without development skills can cope with it, since you do not need to know programming languages ​ ​ to create correlation rules and cross-correlation, "added Alexey Parfentiev, head of analytics at SearchInform .

SearchInform SIEM is certified by FSTEC and entered into the Unified Register of Russian Programs for Electronic Computers and Databases. The SIEM system also allows you to fulfill the requirements for the protection of information systems of state and commercial organizations established by the requirements of the FSTEC.