Fraudex: Vulns.io Enterprise VM

Main article: Security Information and Event Management (SIEM)

2024

Red OS Compatibility 8

The Vulns.io Enterprise VM vulnerability management system has received a certificate of compatibility with Red OS 8. This was announced by Frodex (Fraudex) on August 30, 2024.

The Vulns.io system is used for audit and monitoring vulnerabilities and problems both in the OS installed, - ON docker images and registries, containers and on hosts. Vulns.io is compatible with more than 20 operating systems, including the Russian Linux attributes.

Obtaining a compatibility certificate is a confirmation that the Enterprise VM Vulns.io can be deployed and fully used on the latest version of the domestic operating system RED OS 8.

Шаблон:Quote 'author = said Vladimir Mikhailov, Head of Advanced Projects at Fraudex.

Integration with Securitm

Vulns.io Enterprise VM from Fraudex is integrated with SECURITM, a domestic SGRC platform for managing all organizational processes in information security services . This made it possible to expand the capabilities of both products to increase the level of security of companies and enterprises before cyber attacks. Fraudex announced this on July 4, 2024.

Integration with Vulns.io Enterprise VM will enrich SECURITM with information about all assets used in the infrastructure and their vulnerabilities. Due to the peculiarities of its architecture, the system collects data at a high scan speed (less than a second per host). It also has the ability to scale and run horizontally in Kubernetes clusters, which allows you to distribute computing to hosts and maintain an extremely high audit speed for large infrastructures of several tens of thousands of assets.

So SECURITM users will always have up-to-date information about the state of infrastructure of any scale. All changes in its configuration and threat landscape will immediately affect the host cards on the platform.

Vulns.io Enterprise VM exports the collected audit data - as of July 2024, more than 20 operating systems are supported, including any linux distributions, including Russian ones, supplementing host cards with information about:

• installed ON servers and workstations;
• network devices;
• users;
• safety groups;
• open ports;
• services and services.

You can build Vulnerability Management processes on the data collected from the Enterprise VM Vulns.io; supplement the Asset Management process, monitor the installed software according to blacklists, generate security metrics, etc.

In turn, users of the product of one of the leading developers of new technologies and cybersecurity products when integrating Vulns.io Enterprise VM with SECURITM will have the opportunity to work with vulnerabilities and asset management:

• Setting and controlling tasks to eliminate vulnerabilities, in its own Tasktracker SECURITM or in Jira, which will automate many processes of the information security service.
• Building a unified information model of the company, which will now include not only IT assets, but also systems, business processes, people, etc.
• Use information about infrastructure vulnerabilities in information security risk management processes, in compliance management and standards.

Combining the two services will not only increase the level of security of the company, but also significantly simplify the work of security specialists by automating processes that they previously had to perform manually, - commented Vladimir Mikhailov, head of the advanced projects department at Fraudex. - This will allow them to concentrate on solving really important issues, for example, timely elimination of vulnerabilities until they are exploited by an attacker.

Enterprise VM Vulns.io View

The company "Fraudex" on March 27, 2024 presented its development - Vulns.io Enterprise VM. It is a multifunctional system for managing vulnerabilities and analyzing the security of assets of IT infrastructures of any volume in automatic mode, with the ability to scale horizontally in Kubernetes.

source = Fraudex

Thanks to its architecture, Vulns.io Enterprise VM spends less than a second per host while scanning multiple assets. If you need to process huge amounts of data, the system can be deployed in a cluster using Kubernetes. This feature allows you to flexibly adjust the horizontal scaling of product components by distributing them to different cluster nodes. In some cases, you can configure Kubernetes to automatically allocate additional resources to maintain stable system operation during times of increased load.

Thus, one of the problems of large infrastructures is solved - a long time for processing large amounts of data, which makes it impossible to update the degree of infrastructure security, - explained Vladimir Mikhailov, head of the advanced projects department of Fraudex LLC. - The high scan speed and ease of running Enterprise VM Vulns.io in Kubernetes reduce the time spent on identifying asset vulnerabilities by a multiple of the time. This allows you to audit much more often - monitor infrastructure vulnerabilities in the literal sense of the word. And, as a result, respond to new vulnerabilities in a timely manner - to eliminate them until the moment when the attacker learns about them.

Vulns.io Enterprise VM offers all the functionality necessary to monitor and manage vulnerabilities in IT infrastructures: starting with auditing, operating systems installed, software network equipment, docker images in registers or on hosts, prioritizing the vulnerabilities found, ending with their elimination (patch management) and monitoring changes in asset security. Architecturally, Vulns.io Enterprise VM is an on-premium solution on the physical or on the virtual server network and on the customer's power.

Vulns.io Enterprise VM is located in the Register of Russian software.