ISOC Information Securities

The main articles are:

• Security Information and Event Management (SIEM)
• Situational centers (definition, main tasks)

ISOC is a service from Infosecuriti that allows you to monitor and investigate information security incidents in organizations.

Technology - SOC (Security Operations Center) - Information Security Incident Monitoring and Response Center, a complex set of technical means, built processes and specialized specialists.

2022: Availability of services based on the Security Vision Incident Response Platform

On November 14, 2022, Infosecurity announced the conclusion of a strategic partnership agreement with information security software developer Security Vision to improve the effectiveness of the services of the Infosecurity SOC Incident Monitoring and Response Center (ISOC).

Customers now have access to on-base countermeasures to cyber attacks that Security Vision Incident Response Platform (IRP/SOAR) fully automate all routine processes of personnel involved in handling, responding lifecycle management , and incident INFORMATION SECURITY management. Security Vision is the Russian IT a platform that allows you to automate up to 95% of the software and hardware functions of the information security operator.

Illustration: anti-malware.ru

Thanks to IRP/SOAR analysts SOC , they can see in real time life not only the stages of processing and responding to incidents, but also enrich information about them from data related systems. Thus, the automated actions of Infosecurity SOC significantly reduce the risks of the human factor when managing events, significantly reduce the response time and minimize the risks of penetration infrastructure into organizations.

The modular Security Vision platform as part of Infosecurity SOC allows you to add functionality to individual customer features, depending on the infrastructure and internal processes of the company. And the expertise of Infosecurity and many years of experience in building response centers on various scales made it possible to develop a large number of response scenarios and an extensive base of playbooks, which is constantly replenished with scenarios.

According to Kaspersky Lab"" in cyber incidents the Russian the first five months of 2022, the number of companies increased by almost 40%. Among the most often attacked were financial both and. In transport industries IT state agencies this regard, the company notes the increased interest in SOC and is ready to offer an updated service on the basis. Security Vision IRP The service will allow not only to build monitoring and incident response processes relatively quickly, but also to automate the processing of events INFORMATION SECURITY and response to them, which means minimizing the risks of entering the infrastructure, said Ivan Miroshnichenko, deputy director of SOC Infosecurity.

Automation of processes and operations is an integral part of IT culture. This also applies to the field of cybersecurity, in which there is a dramatic lack of human resources in conditions of a continuously increasing number of threats. Therefore, the use of the automation tool by the MSSP provider, for which the provision of cybersecurity services is the main business, has become mandatory. Automation with Security Vision IRP/SOAR will enable Infosecurity to efficiently deliver services to customers and grow its business steadily. The flexibility and ease of Security Vision process designers and connectors, the ability to scale and build different operating modes will cover all current and future tasks of the MSSP provider, noted Roman Ovchinnikov, head of the Security Vision execution department.

In October 2022, Infosecurity SOC specialists were trained in the Security Vision 5 certification course, which included both theoretical and practical lessons on the specifics of automating key information security processes. The course will enable Infosecurity analysts to approach incident processes more effectively, improve response rates, and deliver even higher levels of SOC services.

2020: Inclusion in the Unified Register of Domestic Software

The platform for monitoring and responding to incidents, information security ISOC the development of the company (Infosecurity part of the Group of Companies), Softline in accordance with the order of Ministries of Digital Development, Communications and Mass Media of the Russian Federation December 14, 2020, is included in. Unified Register of Domestic Software The inclusion of the solution in the register opens up prospects for cooperation with customers for the company. This was public sector. announced on December 23, 2020 by Softline.

The inclusion of the ISOC Incident Monitoring and Response Platform in the Unified Register of Domestic Software provides an opportunity for public sector companies to obtain a high-tech, high-quality solution that fully meets all the requirements of import substitution legislation. ISOC is registered in six categories: monitoring and management systems; information security tools; General purpose application software; organization and system for collecting, storing, processing, analyzing, modeling and visualizing data arrays process control systems; Information systems for solving specific industry tasks.

Infosecurity a Softline Company has been providing information security incident monitoring and response center services since 2015. The company's experts have experience in building a system for monitoring and responding to incidents, based on the needs of the customer and the availability of appropriate equipment and software, as well as managing this system from scratch.

The ISOC monitoring platform not only minimizes the risk of penetration into the customer's infrastructure, but also in the event of an incident, timely notify of threats and reduce the response time to it thanks to ready-made response scenarios and highly qualified specialists.

In the monitoring center, we use current Threat Intelligence data, as well as exchange threat information with other SOC and CERT centers. This approach allows you to timely update information about threats and promptly respond to them, - comments Alexey Yudin, director of the ISOC monitoring center, - The entry of the ISOC Platform into the register of domestic software allows state customers to be confident in the quality of our solution, and also confirms its compliance with all the requirements of the import substitution policy.