RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Innostage Orchestrator

Product
Developers: InnoSTage (Innostage)
Last Release Date: 2024/03/05
Branches: Information security
Technology: ITSM - IT Service Management Systems

Content

Main article: IT Service Management (ITSM)

2024

Integration with Kaspersky Secure Mail Gateway

Innostage has implemented the integration of the Innostage Orchestrator control action system and the Kaspersky Secure Mail Gateway email security gateway, which will allow you to quickly respond to phishing emails from cybercriminals. Innostage Orchestrator and Kaspersky Secure Mail Gateway were integrated by the Innostage team, which announced this on March 14, 2024.

Innostage Orchestrator automates typical IT and security impact operations and accelerates expert response to security incidents, including phishing attacks.

Kaspersky Secure Mail Gateway is designed to protect incoming and outgoing mail from malicious objects, spam and phishing, as well as for content filtering of messages. The integration of the Innostage Orchestrator Control Action System with KSMG allows, when phishing attacks are detected, to automate the response to this incident using the following scenario: KSMG blocks the sender's address, and then removes phishing mail in the mail system. This greatly increases the speed of response to incidents and minimizes their consequences. This eliminates the possibility of re-receiving malicious emails from an attacker.

Also, Innostage Orchestrator implemented integrations with Palo Alto, Huawei and PT Application Firewall. Integration with them allows you to control access at the level of firewall and blacklisting. In addition, integration with Palo Alto makes it possible to quickly break VPN user sessions.

In addition, the solution is integrated with CyberART TI, a tool for collecting, analyzing and interpreting information about possible threats to computer systems, networks and applications. Thanks to CyberART, TI Innostage Orchestrator can check compromise indicators for malware.

File:Aquote1.png
The growth of cybercrime is an actual trend not only for Russia, but also for the whole world. In 2023, cybercriminals in mass phishing mailings used attachments as the main way to deliver malware, while fraudsters are much more likely to send files with the.pdf extension. And according to our estimates, about 6% of employees of Russian companies open malicious investments. The integration of Innostage Orchestrator with Kaspersky Secure Mail Gateway will help protect against such threats even more efficiently and greatly facilitate the work of information security specialists in maintaining system stability and business continuity, said Kirill Markin, Director of the Innostage Product Office.
File:Aquote2.png

Add user audit and role model customization

Innostage on March 5, 2024 announced the update of the Innostage Orchestrator control impact system.

The solution minimizes the efforts and time spent by information security and IT specialists in the process of solving information security problems on the IT infrastructure and information protection tools, as well as reduces the impact of the human factor in the process of solving such problems.

Added features include auditing user actions and role model customization capabilities, which allow you to complement it with user roles at the system entity access level and adapt the system to the customer's actual business processes. In addition, added access to connector documentation from the administration web console and templates when sending email notifications as part of scripts.

Another important addition was the ability to configure a conditional branch unit that can be used by information security specialists when working with response scenarios. Now it is possible to organize their branches based on various attributes and conditions, providing flexibility of automation. Scripts will be run on a specific thread and not affect others. Previously, it was impossible to perform such branches - response scenarios were created only according to a certain sequence of actions.

Conditional branching allows minimizing the efforts of information security specialists to ensure the efficient operation of IT and information security infrastructure. Another advantage is the ability to combine conditions into groups, linking them to each other or to a separate condition using logical operations.

{{quote "Using different conditions within simple incident processing scenarios and setting complex routing conditions, you can design complex and multilevel incident response scenarios. As a result, the algorithms of actions necessary in a particular situation are performed much faster, ― said Evgeny Fedrov, head of the product department of Innostage. }}

This version of Innostage Orchestrator can be integrated with Palo Alto, ITU Huawei and Kaspersky Security Mail Gateway, CyberART TI, PT Application Firewall, as well as with other solutions from domestic and foreign manufacturers.