Developers: | RST Cloud |
Technology: | Information Security Management (SIEM) |
Content |
Main article: Security Information and Event Management (SIEM)
2022: Integration with the Security Vision platform
RST Cloud and Security Vision combined expertise to investigate and respond to cybersecurity incidents. Security Vision announced this on September 15, 2022.
The integration of RST Cloud and Security Vision products will allow customers to use an expanded, up-to-date database of indicators based on more than 260 open sources in cyber intelligence and incident management processes. Read more here.
2021: Integration with R-Vision Threat Intelligence Platform
R-Vision has joined forces with the RST Cloud compromise indicator provider to develop the R-Vision Threat Intelligence Platform (TIP) cyber intelligence management platform. As part of the technological partnership, the product implemented built-in integration with the RST Threat Feed service. This will expand the capabilities of platform users to select Threat Intelligence data sources for the most complete coverage of current threats, R-Vision reported on July 22, 2021. Read more here.
2020: RST Cloud partners with Vulners to enter information security enterprise market
As part of the technology partnership, both companies will combine information about software vulnerabilities, hardware and software solutions, and data about indicators of compromise together. The consolidation of technical capabilities enables both companies to enter new markets and compete in their niche with such large players as Kaspersky Lab and Group IB.
Constantly emerging threats significantly affect the overall level of information security of companies. Without timely notification of new vulnerabilities, it is impossible to build reliable protection for the corporate infrastructure. And without constant monitoring of compromise indicators, the company can be under colossal financial and reputational blows at any time. All this poses new challenges to information security specialists of companies of all levels.
To combine its knowledge of all public sources of threat information in one convenient service, startup RST Cloud has developed a service that meets the time challenge - RST Thread Feed - an aggregator of compromise indicators collected and cross-tested from several open and community-supported sources. The end customer is provided with indicators already enriched with additional context and ranked according to the level of danger within the framework of the RST Cloud analytical platform. This data can be used to enrich corporate SIEM systems, as well as to use them in the Threat Hunting process and retrospective analysis.
In the network, especially on shadow forums, there are many sources containing indicators of compromise. It is important for information security experts to have access to this data, and that is why we have created our own service - RST Thread Feed, which allows you to collect, clean, enrich and rank these indicators, "says Yury Sergeyev, CEO of RST Cloud. - Information about vulnerabilities is a very large and important layer of knowledge that allows you to deeper understand the essence of a particular threat. The technology partnership with Vulners is an important milestone in the development of our service. It will allow our customers to access information about vulnerabilities in software and hardware solutions. |
But simply tracking compromise indicators is not enough, because in addition to searching for compromised services, information security specialists are faced with the task of finding, decomposing and eliminating both software and hardware vulnerabilities. To solve this problem , Vulners has developed its own search service for a continuously updated database of vulnerabilities with an open API.
As a result of the agreement, both companies will be able to enrich each other's platforms with more complete information necessary to build continuous information security using modern technologies, and their users will be as informed as possible about the state of their IT and information security systems.
Our technology partnership is the first step towards integrating knowledge about vulnerabilities and indicators of compromise, says Andrey Ivanov, director of development at Vulners. - Our company and RST Cloud have similar goals in terms of accumulating information about threats from many sources. By building additional information security control systems, our clients can already use information about both vulnerabilities and indicators of compromise. |
Among the clients of the companies there are already such large players as Acronis, ImunifyAV, Mail.ru Group, QIWI, Wargaming, Interfax.