RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Fraudex: Vulns.io Enterprise VM

Product
Developers: Frodex (Fraudex)
Date of the premiere of the system: 2024/03/27 - Presentation
Last Release Date: 2024/11/29
Technology: Information Security Management (SIEM)

Content

Main article: Security Information and Event Management (SIEM)

2024

Ability to update Windows-based applications

Fraudex On November 29, 2024, the company announced the addition of functionality vulnerabilities to the Vulns.io Enterprise VM asset management and continuous monitoring system. This version of the product adds the ability to update application programs based on OS Windows and create dynamic asset groups.

An updated version of Vulns.io Enterprise VM has added a tool to centrally update Windows-based applications with high reliability. The functionality implements a secure process of updating software in the infrastructure at all its stages and includes:

  • Display the latest versions of supported software products as they are released
  • Save updates to the local store to verify checksums and other parameters that protect against file spoofing and possible download errors
  • A manual check step on the test segment before installation to avoid problems with installation and subsequent operation of updates on infrastructure work assets.
  • Additional security checks as updates are installed on target assets.

The second change is support for dynamic groups from different assets, united by a set of characteristics. The peculiarity of a dynamic group is that at each time it can contain a different set of assets. Up to 25 rules can be configured for a group - 5 blocks of 5 rules each. For example, you can assemble a group of assets with specific characteristics, critical vulnerabilities, and audit data. And after each vulnerability repair or rescan of the infrastructure, track changes in it.

Шаблон:Quote 'author=said Vladimir Mikhailov, Head of Advanced Projects at Fraudex.

Compatibility with MSVSPHERA 9

On October 16, 2024, Fraudex announced the start of support for the MSVSFERA 9 operating system (Softline Group of Companies) in its Vulns.io Enterprise VM product, a multifunctional system for managing vulnerabilities and analyzing the security of IT infrastructure assets in automatic mode. The integration of these two products will provide enterprises and organizations with the ability to safely work with critical systems in corporate and government structures.

Vulns.io Enterprise VM protects IT infrastructures by identifying vulnerabilities not only in operating systems, but also in installed software, containers, docker images and other assets. A feature of the system is its compatibility with more than 20 different operating systems, including Russian Linux distributions, which makes it a universal tool for ensuring cybersecurity.

The compatibility of Vulns.io Enterprise VM with the MSVSFERA operating system is an important event for domestic business. The OS is gaining popularity due to its high level of security and compliance with Russian standards, including the requirements of FSTEC. Vulns.io Enterprise VM will help you keep your IT infrastructure of all sizes secure by providing up-to-date information about vulnerabilities and helping you respond quickly.

File:Aquote1.png
Our customers can now use Vulns.io Enterprise VM to improve the security of MSVSPHERA servers and workstations. The solution will provide reliable protection against vulnerabilities, including in the context of the need to switch to domestic software, "added Vladimir Mikhailov, head of the advanced projects department at Fraudex. - Our company is constantly working to expand compatibility with Russian software products in order to offer a full set of cybersecurity tools for import-substituting solutions.
File:Aquote2.png

File:Aquote1.png
The compatibility of MSVSPHERA OS with Vulns.io Enterprise VM is an important step in the development of the ecosystem of domestic IT solutions. Developed for enterprise users, our operating system now has advanced security capabilities thanks to integration with the Russian vulnerability management system. This collaboration strengthens MSVSFER's position as a reliable alternative to foreign enterprise-class operating systems and provides businesses with effective tools to secure critical IT infrastructures. We strive to offer our customers a comprehensive solution that will allow us to successfully implement import substitution tasks without compromising on performance and data protection, "commented Development Murad Mirzoev Director". "Inferitis
File:Aquote2.png

Red OS Compatibility 8

The Vulns.io Enterprise VM vulnerability management system has received a certificate of compatibility with Red OS 8. This was announced by Frodex (Fraudex) on August 30, 2024.

The Vulns.io system is used for audit and monitoring vulnerabilities and problems both in the OS installed, - ON docker images and registries, containers and on hosts. Vulns.io is compatible with more than 20 operating systems, including the Russian Linux attributes.

Obtaining a compatibility certificate is a confirmation that the Enterprise VM Vulns.io can be deployed and fully used on the latest version of the domestic operating system RED OS 8.

Шаблон:Quote 'author=said Vladimir Mikhailov, Head of Advanced Projects at Fraudex.

Integration with Securitm

Vulns.io Enterprise VM from Fraudex is integrated with SECURITM, a domestic SGRC platform for managing all organizational processes in information security services . This made it possible to expand the capabilities of both products to increase the level of security of companies and enterprises before cyber attacks. Fraudex announced this on July 4, 2024.

Integration with Vulns.io Enterprise VM will enrich SECURITM with information about all assets used in the infrastructure and their vulnerabilities. Due to the peculiarities of its architecture, the system collects data at a high scan speed (less than a second per host). It also has the ability to scale and run horizontally in Kubernetes clusters, which allows you to distribute computing to hosts and maintain an extremely high audit speed for large infrastructures of several tens of thousands of assets.

So SECURITM users will always have up-to-date information about the state of infrastructure of any scale. All changes in its configuration and threat landscape will immediately affect the host cards on the platform.

Vulns.io Enterprise VM exports the collected audit data - as of July 2024, more than 20 operating systems are supported, including any linux distributions, including Russian ones, supplementing host cards with information about:

  • installed ON servers and workstations;
  • network devices;
  • users;
  • safety groups;
  • open ports;
  • services and services.

You can build Vulnerability Management processes on the data collected from the Enterprise VM Vulns.io; supplement the Asset Management process, monitor the installed software according to blacklists, generate security metrics, etc.

In turn, users of the product of one of the leading developers of new technologies and cybersecurity products when integrating Vulns.io Enterprise VM with SECURITM will have the opportunity to work with vulnerabilities and asset management:

  • Setting and controlling tasks to eliminate vulnerabilities, in its own Tasktracker SECURITM or in Jira, which will automate many processes of the information security service.
  • Building a unified information model of the company, which will now include not only IT assets, but also systems, business processes, people, etc.
  • Use information about infrastructure vulnerabilities in information security risk management processes, in compliance management and standards.

File:Aquote1.png
Combining the two services will not only increase the level of security of the company, but also significantly simplify the work of security specialists by automating processes that they previously had to perform manually, - commented Vladimir Mikhailov, head of the advanced projects department at Fraudex. - This will allow them to concentrate on solving really important issues, for example, timely elimination of vulnerabilities until they are exploited by an attacker.
File:Aquote2.png

Enterprise VM Vulns.io View

The company "Fraudex" on March 27, 2024 presented its development - Vulns.io Enterprise VM. It is a multifunctional system for managing vulnerabilities and analyzing the security of assets of IT infrastructures of any volume in automatic mode, with the ability to scale horizontally in Kubernetes.

Thanks to its architecture, Vulns.io Enterprise VM spends less than a second per host while scanning multiple assets. If you need to process huge amounts of data, the system can be deployed in a cluster using Kubernetes. This feature allows you to flexibly adjust the horizontal scaling of product components by distributing them to different cluster nodes. In some cases, you can configure Kubernetes to automatically allocate additional resources to maintain stable system operation during times of increased load.

File:Aquote1.png
Thus, one of the problems of large infrastructures is solved - a long time for processing large amounts of data, which makes it impossible to update the degree of infrastructure security, - explained Vladimir Mikhailov, head of the advanced projects department of Fraudex LLC. - The high scan speed and ease of running Enterprise VM Vulns.io in Kubernetes reduce the time spent on identifying asset vulnerabilities by a multiple of the time. This allows you to audit much more often - monitor infrastructure vulnerabilities in the literal sense of the word. And, as a result, respond to new vulnerabilities in a timely manner - to eliminate them until the moment when the attacker learns about them.
File:Aquote2.png

Vulns.io Enterprise VM offers all the functionality necessary to monitor and manage vulnerabilities in IT infrastructures: starting with auditing, operating systems installed, software network equipment, docker images in registers or on hosts, prioritizing the vulnerabilities found, ending with their elimination (patch management) and monitoring changes in asset security. Architecturally, Vulns.io Enterprise VM is an on-premium solution on the physical or on the virtual server network and on the customer's power.

Vulns.io Enterprise VM is located in the Register of Russian software.