Viking Bank has strengthened the protection of IT infrastructure with the help of SearchInform SIEM

2025: Implementation of SearchInform SIEM

Viking Bank has implemented SearchInform SIEM to increase the transparency of processes in the IT infrastructure. The system helps to manage information security events in real time, identify information security incidents and promptly respond to them. The SIEM system was deployed in 2024 after the completion of the pilot project. SearchInform announced this on July 3, 2025.

In choosing an information security solution, the bank's specialists focused on the following parameters: a large number of pre-installed connectors for integration with various elements of the IT infrastructure, ready-made correlation rules, as well as timely technical support.

We strive to protect customer data as much as possible and comply with the safety requirements put forward by regulators. Therefore, when choosing the SIEM system, we considered only those products that are included in the register of domestic software and comply with GOST R 57580.1-2017 on the security of financial transactions, - said Sergey Povetkin, head of the information security department of Viking Bank. - We tested several solutions of domestic vendors. As a result, the choice was made in favor of SearchInform SIEM. We are satisfied that the system has all the necessary functions out of the box, support for non-standard connectors. So, immediately after the implementation, the problems of user accounting in the Active Directory (AD) of the organization were highlighted. Simple passwords were incorrectly configured, they found "forgotten" accounts. They began to put things in order with this task.

The customer appreciated the built-in functionality of the SIEM system - the launch of automatic reactions to information security incidents. For example, an information security specialist can prescribe various scenarios of actions that SIEM will launch to eliminate the threat. For example, it will help to block a compromised account in all environments. All this makes it easier to perform routine tasks.

Initially, we developed SIEM "boxed," and most of the preliminary work took over. The system comes with a set of out-of-the-box correlation rules. There are more than 500 of them. To make them work, just connect the data sources. Also, to adapt SearchInform SIEM to the needs of the company, the customer does not need access to its code and a team of programmers. One or two employees can quickly identify incidents and respond to them, ensure the protection of the corporate network. At the same time, the system scales easily, including the ability to work as part of SOC, said Pavel Pugach, system analyst at SearchInform.