Developers: Informzashita
Technology: Cybersecurity - Security information and event management (SIEM)
IZ: SOC is a cyberthreat detection service that continuously tracks suspicious activity both inside and on the perimeter of an organization's IT infrastructure. The solution is distinguished by its combination of a functional high-tech platform for collecting, processing and storing information security events, highly skilled personnel and well-established processes.
2020: Plan to bring to market a virtual Security Operation Center (SOC) based on Microsoft Azure Sentinel
On March 12, 2020, Informzashita and Microsoft announced the start of a strategic partnership in information security, the first stage of which will be the launch on the Russian market of a virtual Security Operation Center (SOC) based on Microsoft Azure Sentinel.
Microsoft's experience in building solutions on a service model and its own ecosystem, which includes a broad range of cybersecurity solutions, combined with Informzashita's cybersecurity expertise, one of the best on the market, will make it possible to offer Russian customers complete solutions built around managing enterprise cybersecurity from a cloud environment. In addition, the companies are implementing an educational program for Russian companies that lets specialists work through the most difficult cyberincident scenarios. The companies will also hold joint industry events in the field of cybersecurity.
The Microsoft Azure Sentinel service is the first SIEM system that is fully integrated into the Azure cloud platform. It automates the routine tasks of cybersecurity specialists, freeing their time for priority issues. In addition, the use of artificial intelligence (AI) technologies reduces alert fatigue (the slowed reaction of experts faced with too many alerts) by up to 90%. The service protects the entire organization, detecting and preventing threats before they do harm. Azure Sentinel uses the unlimited computing power and scalability of the Microsoft Azure cloud to guarantee a high level of security. The solution also collects, integrates and analyzes information from across the enterprise, including data from users, applications and infrastructure, both locally and in several clouds.
The virtual SOC solution includes not only the innovative technology platform but also incident monitoring and response services from the experts of IZ: SOC, Informzashita's cyberthreat monitoring center. All this will make it possible to detect highly complex cyberattacks before they penetrate deep into a system. Azure Sentinel supports open standards, for example CEF, and has a wide partner network that includes members of the Microsoft Intelligent Security Association such as Cisco, Symantec, Fortinet and Palo Alto. Users of the solution confirmed that it reduces the time needed to detect cyberthreats from several hours to several seconds. The solution also allows employees to enter their own analytical data into the system and to interact with a wide community of cybersecurity specialists.
"Partnership with Microsoft gives us access to the most modern tools for protecting our clients, allowing us to be at the leading edge of modern cybersecurity technologies. Microsoft's capabilities in artificial intelligence and cloud computing, combined with the expertise of the IZ: SOC staff, give an effective synergy aimed at improving the quality of services for our customers. Informzashita can monitor critical infrastructure facilities, i.e. our customers can receive, in one-stop mode, services both for infrastructure that ensures compliance with legislation and for protection of the cloud part," says Pyotr Yefimov, CEO of AO NIP Informzashita.
"Information security is a crucial area for businesses of any size. According to Juniper Research, the annual damage from cybercriminal activity will grow by an average of 11% every year, and by 2024 will exceed 5 trillion dollars. The Russian market follows the global trend of increasingly complex cyberattacks. We are sure that combining our efforts with Informzashita, which has experience implementing complex projects for large businesses as well as consulting in cybersecurity, will make it possible to strengthen the information security of Russian companies. For Microsoft in Russia, transforming the partner ecosystem is a strategic direction; we continue to develop a new type of partnership, so the start of work with Informzashita will be a striking example of such cooperation," says Christina Tikhonova, president of Microsoft in Russia.
2019: Functionality of IZ: SOC
As of November 2019, companies that connect to the IZ: SOC cyberattack counteraction service receive the following functionality:
- Collection and management of information security events
- Identification of computer incidents
- Storage of information about incidents
- Search for vulnerabilities in network services and software, identification of errors in configurations and architecture
- Assistance in incident response
- Containment and elimination of the consequences of computer incidents
Overall, IZ: SOC provides the following services:
- Cyberinvestigation
- Analytics
- Security analysis
- Monitoring and response
- Investigation of incidents
The IZ: SOC service covers more than 50 specialized use cases and 200 correlation rules aimed at identifying threats from reconnaissance to execution, and supports more than 640 event sources out of the box.