InfoWatch Vision

The main articles are:

• Security Information and Event Management (SIEM)
• Big Data

InfoWatch Vision is a tool for visual analytics of information flows in real time. The technology can be used to conduct investigations in the field of information security of organizations.

2025: Version 3.4 with the ability to detect the employees who communicate the most

InfoWatch has updated the software in the data protection line. The company announced this on February 26, 2025.

Updated versions of decisions included in the Center for Investigation of Decisions - InfoWatch Vision, Activity Monitor, Prediction, Data Discovery, Data Access Tracker have been released.

The Investigation Center is an automated workplace for monitoring the operational situation, investigations of information security incidents. The solution combines and binds all the necessary data to protect information. The resources of the Investigation Center allow you to promptly monitor the situation, identify the relationships of events and evaluate them one click at a time, without switching to individual information security tools. The introduction of the Investigation Center allows you to optimize the load on information security personnel.

InfoWatch Vision is a solution for interactive visual analytics of DLP system data. In version 3.4, it became easier to find the employees who communicate the most. The software allows you to prepare visual reports faster and more conveniently. The ability to leave comments has also been added.

InfoWatch Activity Monitor is a universal tool for monitoring employee actions. In addition to the ability to analyze an employee's speech, version 3.2 added the ability to analyze the entire VKS dialogue. A 10-fold upgrade improved performance and reduced hardware requirements by 50%.

Customers who need to stay ahead of the curve and proactively identify potential threats within their company are offered InfoWatch Prediction, a behavioral analytics solution. Version 3.2 added a concise summary of why the employee was at risk. If necessary, you can go to a detailed summary of the employee and see the details of anomalies and events. It has become easier to identify employees whose behavior is most feared.

files InfoWatch Data Discovery is responsible for auditing storage. Release 2.0 was a big step towards a full-fledged DCAP solution. Data Discovery has built-in content analysis - now you don't need to go to Traffic Monitor to find violations in. data storage This speeds up auditing of file storage and monitoring of confidential storage, information as well as tracking security policies DLP.

InfoWatch Data Access Tracker provides DCAP capabilities for auditing accounts and changes in the directory service. In release 2.2, it became possible to track changes in access rights to shared folders and files. Widgets have appeared that help an information security specialist notice critical problems related to accounts and changes in the composition of privileged groups in time.

InfoWatch Device Control - the solution automatically monitors the connection of external devices and attempts to misuse them. The software allows you to create a flexible structure of access and control of external devices, track priorities, the application of group and individual policies.

Changes in InfoWatch products speed up event processing and routine monitoring, improve control over the company's digital infrastructure. The rethought interface improves the presentation of complex data and allows you to assess the context of events, conduct in-depth analysis of the causes of incidents. This helps prevent potential future incidents. Software optimization has reduced hardware requirements.

We have studied and optimized scenarios for the work of information security specialists in the analysis and investigation of incidents. Updates in the product line are aimed at reducing the company's operating costs and increasing the efficiency of information security divisions, "said Rustam Farrakhov, director of the product development department for data analysis and protection.

2023: InfoWatch Vision 2.8 with Improved Link Graph

On February 28, 2023 InfoWatch Ledger , they announced the release of the next version of DLP InfoWatch Traffic Monitor the 7.6 system, as well as update InfoWatch Prediction 2.2 and InfoWatch Vision 2.8, which use InfoWatch predictive visual analysts Traffic Monitor 7.6 and other InfoWatch products for DLP systems and data.

Improved the usability of the link graph in InfoWatch Vision version 2.8. The link graph clearly shows the movement of messages between employees of the organization, now you can view the details of the event without going to InfoWatch Traffic Monitor. This applies to both mail correspondence and communication in instant messengers, information about which is now more detailed. The communication graph allows you to track in which chronological sequence the data moves along routes. When selecting any individual event, the corresponding edge on the column is highlighted. This allows you to quickly determine which employee started the file movement, and which employee was involved in the incident.

In addition, this version has a widget "User Decision," which allows you to assess the load of the information security department, systematically generating reports on the number of violations and legitimate events, and also shows how many of them have been processed or require additional actions by specialists.

With this information, it will become easier for information security managers to calculate the workload on the team, plan the work of personnel and assess the effectiveness of the DLP system as a whole, believes Rustam Farrakhov, Director of the Product Development Department of InfoWatch Group of Companies.

Read more here.

2022: InfoWatch Vision 2.3 with the ability to customize the composition of widgets and filters

On November 22, 2022, the GC InfoWatch announced the release of an updated version of its products for visual the and - predictive analytics data DLP system: InfoWatch Traffic Monitor InfoWatch Vision and. InfoWatch Prediction

The updated InfoWatch Vision takes into account the needs and trends of the market, including automation of information security services and increased decision-making speed. Among the changes: updated capabilities for working with risk groups and support for installing all InfoWatch products on one server.

The InfoWatch Vision product is designed for visual analysis of data DLP the -system and speeding up the investigation of incidents. information security Changes in the updated version of the product affected the visualization of the intensity of communications and the representation of the graph. In communications particular, the thickness of its edges now varies depending on the intensity of communications between nodes - this allows you to clearly determine which employees are most characteristic of this or that type of communication, and identify existing anomalies. Also, directly on the link graph, without going to other windows and without losing the context of the investigation, the user can see through which channels, in which time and what correspondence was conducted. The use of this version allows you to find out in detail about information the devices on which it is copied information from workers (computers displaying USB devices on the link graph). For greater convenience of the information security services, it became possible to search for events and view statistics on safety the verdicts made by the officer: "violation," "no violation," "no decision has been made," "additional processing is required." This will help you monitor the work of employees and their load, as well as adjust the setting. security policies

The presentation of big data in a visually understandable form "on the fly" allows you to analyze statistical slices and communication paths even in companies with tens of thousands of employees. The ability to customize the composition of widgets and filters provides the flexibility of the solution and the ability to use InfoWatch Vision as a single operational workplace for an information security specialist to protect against leaks. Point-and-click mechanics allow you to move almost instantly between different data slices and different views - statistics, a graph of connections, a dossier on employees and the events themselves, noted Rustam Farrakhov, Director of the Product Development Department of InfoWatch Group of Companies.

InfoWatch Vision and InfoWatch Prediction support domestic operational systems, as well as are closely integrated with each other and the InfoWatch Traffic Monitor DLP system, installed on one server, which optimizes equipment resources.  Read about the changes to the InfoWatch Prediction product here.

2021: InfoWatch Vision 2.3

On May 20, 2021, InfoWatch announced the release of the next version of the visual analytics system expanding the scope of DLP systems, InfoWatch Vision 2.3. The product visualizes a large array of DLP system data online, making it understandable and user-friendly.

In version 2.3, the set of available scenarios for investigation of information security incidents has been expanded and the function of delimiting access rights for employees has appeared. Also, as part of the release, the user interface of the system has been modernized, supplemented with new widgets and filters that make it faster and easier to extract the necessary information from a large array of data.

The use of InfoWatch Vision 2.3 reduces the time required to process incidents and test information security hypotheses, monitors the routes of information movement inside and outside the company, and simplifies the detection of atypical communications between departments and employees in different positions.

An important difference in version 2.3 was the possibility of distinguishing the rights of information security employees and related departments depending on the tasks performed - thus, access to work with data is provided in full accordance with the position and duties of employees. The function is especially useful in the case of a geographically distributed, branch-office structure of organizations with a large number of subsidiaries and dependent enterprises. This feature also allows you to strengthen the importance of information security for business. For example, providing access to economic security or HR provides an opportunity to effectively manage a company's risks.

Enhanced control of "gray zones" is provided by visualizing information flows, which allows you to identify atypical connections and suspicious activities between departments and individual employees to verify the legitimacy of the exchange of confidential information. The transition to the required level of detail by company, branch or employee is carried out in a single information space.

The security services of large, multifilial organizations, the system allows you to quickly analyze incidents and their surrounding context, taking into account all the details associated with them.

"Working on version 2.3, we were guided by the needs of our customers, so InfoWatch Vision 2.3 in its current form is a visual system that meets modern market requirements. analysts big data Where convenience comes first when obtaining an objective picture, information security events taking place in the company and, as a result, the efficiency of making the right decisions to prevent information security risks. The visual analytics tool helps information security specialists to be not a center of defense costs, but an important link supporting the adoption of management decisions in related divisions of the company, "said the Stepan Deshevykh head of the product development department of InfoWatch Group of Companies.

The interface has been improved in terms of the mechanism for cleaning and removing filters, clarifying search criteria from widgets and a list of events, displaying contacts from events in a pop-up window about personality, and also simplifying the copying of text attributes for searching on third-party systems.

2019: InfoWatch Vision 2.0

In August 2019, InfoWatch, a Russian developer of innovative software products and complex solutions for information security of organizations, released a new version of the InfoWatch Vision 2.0 product.

As part of the product release, functionality has been expanded, usability has been improved and system performance has been significantly increased, which significantly reduces hardware requirements and simplifies implementation in large territorial-distributed companies.

InfoWatch Vision is a visual analytics system that expands the scope of the InfoWatch Traffic Monitor DLP system. This version is distinguished, first of all, by increased performance: now operational data processing is possible in corporate networks up to 100,000 workstations, which seriously affects work across organizations. InfoWatch Vision 2.0 is a completely domestic solution developed on the basis of its own technologies. "Our company pays great attention to tools that allow us to build efficient work with big data processed by the DLP system. The ability to quickly get a visual picture of the information security processes taking place in the company brings business to a qualitatively new level of management, "said Andrey Arefiev, Head of Product Development at InfoWatch.

Vision 2.0 has increased the number of nodes displayed on the link graph. This increases the convenience of working with the count and opens up new opportunities for the security officer. For example, a security officer may display a communications map for entire units or selected groups of employees to identify atypical interactions. In addition, the security officer can route the selected information in order to identify all suspicious activities or understand how DLP system policies correspond to the current business processes of the company. Thus, improved visualization of information flows helps to strengthen control over "gray zones" and reveal hidden patterns and "insights."

Expanded functionality for working with employee files, which allows you to consolidate in one place all relevant information about the employee, his activity profile and circle of communication. Thus, security officers are provided with an effective tool for interaction and collaboration as part of incident investigation. According to Andrei Arefiev, "conducting an investigation on a specific incident can be a rather long process and it is important for a security officer to have a convenient tool for accumulating and systematizing all the facts discovered. Vision 2.0 allows you to accumulate information about all identified incidents in the employee's file, as well as supplement it with information from external systems. When making decisions, the "dossier" helps to look at the picture as a whole, including taking into account retrospective data. In addition, security officers are given the opportunity to share information as part of joint investigations, which is especially relevant for large organizations. "

2016: InfoWatch Vision 1.0

On November 1, 2016, InfoWatch announced the release of InfoWatch Vision 1.0.

The software product provides the information security specialist with tools for visual analysis of the company's information flows and is focused on identifying incidents in the field of information security, including those that are not violations in terms of security policies in the organization. According to the developers, the solution will help the information security specialist in making decisions during the investigation, providing additional data on requests based on all stored information about information security events.

InfoWatch Vision Architecture, (2016)

InfoWatch Vision consists of four functional modules:

• summary,
• link graph,
• file
• Report Designer.

The modules are mutually complementary, helping in the analysis of the company's information flows by a single data slice through built-in data visualization mechanisms and filtering elements. If you use one or more filters on the selected block, the solution automatically rearranges all other modules.

Sergey Malyarov, Product Development Manager of InfoWatch Group of Companies' System, as it were, predicts the questions that an information security specialist can ask at the next moment. The solution provides data not only strictly on a given request, but also additional information that helps to conduct the investigation. In addition, InfoWatch Vision allows you to control the "gray areas" of the company's information flows, identifying events that are atypical for the organization processes and abnormal behavior of employees.

The security summary is designed to assess the level of information security in the company. The module helps to perform retrospective analysis by detecting anomalies in information flows and can serve as a starting point in the conduct of investigations.

The link graph is designed to analyze information flows that arise within an organization and when interacting with external counterparties. Interactive decision mechanisms help to visually visualize information flows generated by employees in various aspects of information security in real time.

Sheets, Summary, Link Graph and Dossier, (2016)

The interactive dossier contains consolidated data for each employee or external contact of the organization, allowing flexible filtering of data according to various criteria, helping to move to another dossier from the link graph built into the dossier card.

The report designer assists in the structuring and preparation of information obtained during the investigation in the form of a single document.

The first version of the product integrates with the DLP product InfoWatch Traffic Monitor and takes into account the logic of the original data source.