Customers: T-Bank (Tinkoff Bank) Moscow; Financial Services, Investments and Auditing Contractors: Frodex (Fraudex) Product: Fraudex: Vulns.io Enterprise VMProject date: 2024/01 - 2024/07
|
2024: Enterprise VM Vulns.io Implementation
T-Bank has put into operation a multifunctional vulnerability management system Vulns.io Enterprise VM. This was announced by Frodex (Fraudex) on August 20, 2024.
Vulns.io Enterprise VM will help increase the security of the bank's information system by timely identifying vulnerabilities in its IT infrastructure. The system allows you to control and manage the full life cycle of vulnerabilities in automatic mode and includes a wide range of capabilities:
- the ability to deploy to more than 20, OS including any - the Russian linux distribution;
- audit, monitoring and prioritization of vulnerabilities in operating systems, including Russian ones, and installed software;
- the ability to install available updates to quickly fix vulnerabilities;
- Monitoring the vulnerability of assets during the selected period in conjunction with reports on the timing of the identified vulnerabilities.
The implemented solution will keep the bank's infrastructure up to date: the Vulns.io Enterprise VM vulnerability database is constantly updated, the system is able to audit large infrastructure in a short time. Thus, all information about the found vulnerabilities is displayed in the system, taking into account the current configuration of infrastructure assets.
When a vulnerability is detected, the system allows you to perform one of the following measures to fix:
- if there is data on the software version in which the vulnerability found is eliminated, the system can create a task to update this software;
- if the update is impossible and the vulnerability is closed by compensatory measures, it can be added to exception lists, then in subsequent checks the system will display such a vulnerability in the excluded section.
It is very important for the bank, as well as for other companies, to receive information about new vulnerabilities until the attackers have yet to damage the infrastructure with their help.
Thanks to architecture and rapid audit technologies, Vulns.io Enterprise VM requires less than a second per host while scanning multiple assets. Also, to maintain a high scan rate when processing a large number of infrastructure assets, the solution can be deployed in a Kubernetes cluster.
The processes of monitoring and maintaining a high level of security for us are of paramount importance, "said a representative of T-Bank. - Deployed in August 2024, the system meets our needs for constant scanning of infrastructure assets and prompt detection of vulnerabilities. We do not have to plan the sequence of scanning segments - the system allows you to audit large groups of assets within one task in a matter of minutes. |
High scan speed and scale-out support enables you to get up-to-date vulnerability information no matter how many assets you want to verify. T-Bank appreciated the decision from Fraudex. Vulns.io Enterprise VM has become another trusted brick in the security of an organization's infrastructure.