Security Vision Asset Management and Inventory

Main article: IT Service Management (ITSM)

2024: Automatic Asset Discovery and Inventory

On May 13, 2024, Security Vision announced the release of an updated version of the Asset and Inventory Management product on the Security Vision 5 platform.

𝓲

Фото: Security Vision

According to the company, this version of the product implements an optimized mechanism for scanning and inventory of assets with automatic building of links between assets and subnets. The product contains full functionality of operation in MSSP-model mode both for independent management of assets of several organizations and for subsidiary organizations of the Customer.

Additional object types have been added (Data Base and Network Devices) with developed attribute composition, visualization, and a set of administration and inventory actions. The cards of IT objects and objects of the resource-service model have been optimized, the set of actions with assets has been expanded.

The asset lifecycle model has been redesigned and aligned with the generally accepted methodology 4 ITIL.

Asset Scanning, Inventory, and Loading

Automatic detection, identification, inventory and categorization of assets is performed. Assets can be created manually, using bulk downloads from external files, as well as from external sources using a large set of integrations (Active Directory, Directory Services, CMDB, network scanners, IPS and others).

Flexible product settings allow you to inventory assets across selected subnets and ranges, as well as across asset groups or a specific asset.

You can run the scan and inventory manually at any time, or you can set up a regular schedule. A wide range of actions on assets provides the ability to obtain a detailed information by asset in order to clarify the current state of the device or change its configuration. Push alerts highlight the success of operations, and if there are errors, they allow you to determine their type. Also, the product has built-in notifications about the results of actions and scans through other communication channels:, and mail telegram others, with the ability to expand and adjust them.

Updated data model and object display

Detailed links between business objects of the resource and service model (Business Processes, Products, Suppliers, Premises, Equipment) and IT assets have been worked out. For example, it became possible to create an exact location of an asset in a specific room with its display on the plan of the room.

Decomposition of IT assets allows you to implement the required level of infrastructure detail using objects such as the Information System or IPS.

Added a Data Base object with the ability to automatically detect and monitor databases with a mechanism for updating data about objects and database users. All major database manufacturers are supported (MSSQL, MySQL, PostgreSQL, Oracle and others).

The functionality of working with the main network devices (UserGate, Continent NGFW, ViPNet, Cisco ASA, Checkpoint and others) has been expanded: collecting data, obtaining configured rules and configuration parameters, building a graph of links with local network objects, tracking active connections, as well as performing active actions on equipment configuration.

Redesigned the appearance of the display of objects for more convenient work with assets. In particular, an updated link graph has been added with the presence of functionality to perform actions on assets directly from it, as well as with the drill-down function in each related object; a timeline is built in that reflects the chronology of an asset's life cycle and actions on it.

The attribute filling of cards has been expanded both at the level of technical characteristics and business parameters.

A tree view allows you to build a hierarchical view by selected asset groups, their location, or organizational affiliation.

Software Management

The software management and usage control mechanism has been completely updated. The approach to centralized updating and deletion ON on hosts has been optimized, everything is in a single window and transparent to the user.

The mechanism of marking and centralized control over the software used has been expanded. The ability to maintain white and blacklists of applications, allowed and prohibited versions is available.

Asset Actions

The set of actions on the main types of assets has been expanded to obtain detailed information, administration, user management and for other purposes. Actions are available directly from the object card, as well as from the link graph. The link graph allows you to perform actions on any related object. Convenient grouping of actions allows you to quickly find what you need, and the result is recorded in the timeline, on the card and in the push notification.

Dashboards and Report Library

A full-fledged network map has been created that allows you to track the location of assets by subnets and their relationship.

The register of reports has been expanded, consisting of both summary reports with a pre-configured scheduled dispatch and small reports on key parameters.

At the same time, the graphical designers of the Security Vision platforms allow you to adjust and create reports and dashboards in no-code mode.

2023: "White" list of software and the ability to store software updates

On April 4, 2023, Security Vision announced the release of an updated version of the Asset Management and Inventory module, designed to automate and robotize almost any process for managing the inventory of technical and logical infrastructure objects. Added features to the product to work with asset software (SW) and updates.

Security Vision 5

According to the company, the following features are now available to users:

• Maintaining a "white" list of software in the module. Each software added to the module passes the check for inclusion in the "white" list: the "Software in the white list" sign is set in the card. The user can configure the rules by which the software will be included in the whitelist.
• The software card for users has added the ability to manually add or remove software from the lists of prohibited software.

For operational control over the installed software, sections with key features were added: General list, Not allowed software on hosts, Allowed software.

• The module has added the ability to store software updates. For each update, there is a full and short card for viewing and editing information, you can attach the update file to the card or specify a link to the repository from which the update file will be uploaded. Also, in the product interface, you can set software update scripts for various types of operating systems.
• Added links of software card and software updates of various versions and platforms.
• Added software update process on assets: the user selects assets and software update files that will be launched on assets. You can also run the update at a time on all software-linked assets. This action can be configured to be performed both manually and automatically according to the specified rules.

The process of removing software from assets has been added: the user selects the assets on which the corresponding software must be removed. You can also run uninstallation at a time on all software-linked assets. This action can be configured to be performed both manually and automatically according to the specified rules.

Security Vision - the Russian IT a platform that allows to robotize up to 95% of the operator's software and hardware functions. information security It is 100% Russian development and is included in. Unified Register of Russian Programs for Computers and Databases It has all the permits necessary for operation and. FSTEC FSB Certified by FSTEC according to level 4 of trust (certificates of conformity of FSTEC No. 4194 of 19.12.2019, No. 4574 of 02.09.2022). Software products on the Security Vision platform solve such problems as:

• creation of a single situational center; cyber security
• Early detection of cybersecurity attacks and incidents by analyzing events from various information security tools
• consolidation of operational information and its analysis in real time to investigate cybersecurity incidents and make management decisions;
• reduction of response time due to automation of key procedures and response scenarios, robotization of information security operator functions;
• Automatically monitor compliance with regulatory, national, and international standards.

2022: Release of Asset Management and Inventory Module

On March 1, 2022, Intelligent Security announced that it had released the Asset Management and Inventory module on the Security Vision platform.

Like all products on the Security Vision platform, the Asset Management and Inventory module was created from the standpoint of an object-oriented approach. All entities in the system, whether it be information systems, hardware, users, software, etc., are equivalent elements. Each of them has its own set of views, workflows or atomic actions, has its own set of properties and links to other elements of the system.

The Asset Management and Inventory module of the Security Vision 5 platform is designed to automate and robotize almost any process of managing the inventory of technical and logical infrastructure objects. It contains all the many different processes of identification, enrichment and management of information assets, their technical condition, categorization and life cycle stages. Built-in analytics helps to identify bottlenecks in existing IT and information security processes, as well as greatly simplify interaction with auditors and regulators. Based on this product, asset lifecycle management techniques can be easily implemented, from budgeting to write-off and disposal; Assess the impact of systems on business processes and plan command and staff exercises for business continuity and incident recovery.

The module already contains everything you need to build an efficient process, however, if necessary, the user can add or modify existing views, processes and property sets. If there are not enough existing object variants, you can also create your own types.

The functionality of the Asset Management and Inventory module includes tools for agent-free collection of information about systems both with and without the use of accounts on end devices. Many connectors to different systems and a duplication mechanism allow you to effectively manage the received data and consolidate it into a single, up-to-date representation of the object and its states.

Mechanism for working with sources:

• Allows you to process reports of any format (XML, JSON, CSV, XLS/XLSX) with almost no volume limit (tested on various data types including multi-gigabyte vulnerability scanner reports). The information acquisition algorithm is designed in such a way that for data processing it is no longer necessary to completely load the file structure into RAM.
• Already contains pre-installed connectors to main sources such as, Active Directory\, MS SCCMSCOM,/ MS Hyper-V VMware vCenter vROps,, and Kaspersky Security Center Naumen dozens more other systems about REST, protocols (s),, API LDAP RPC, SQL MS WS-MAN and others.
• Allows you to set up grouping rules for each of the sources in such a way as to avoid duplicate information and aggregate all available data in a single asset card, updating only the current relevant information in it.

All integrations are implemented in the connector designer, the work of which is absolutely transparent to the end user.

Most integrations with current IT and information security APIs involve a multi-step sequence of steps, consisting of authentications, request generation, and subsequent execution of a command loop based on the results obtained earlier. All this is now also available from the interface, without the need for third-party scripts and interpreters. For a group of commands created for a single source, it is now possible to create a single start and end session command. This allows you to simplify script development, as well as use third-party services to obtain credentials, such as PAM Credential Vaults.

Grouping rules give the user the ability to both use predefined grouping mechanisms and customize their own based on the resulting fields or their combinations. For each source, for each of the object fields, you can configure your own rules for updating/adding information. The user can create his own classification rules using the names of the detected devices, subnets, service responses, or any other information obtained when scanning systems.

The Distributed Connector Services mechanism enables the identification of isolated network segments without the need for direct network access from the platform to the end device.

The Asset Management and Inventory module allows analytics in a single window to obtain data collected both directly during the inventory of the device and obtained from security management servers. If the platform is configured for two-way interaction and the user has the appropriate rights, tools for executing various scenarios using connected security tools become available in the card.

Starting enrichment, escalation and response scenarios is available not only from the object card, but also from the table view. Commands that allow you to update asset information, create an incident or respond are now implemented in general, which greatly speeds up your work.

To edit many objects, the platform implements Mass Operations, which allow you to both simply delete or fill in the missing data for all selected or filtered assets, and start a workflow (playbook), thereby, for example, updating the inventory data or performing a forced antivirus scan.

Inventory of Users and Software is available. The built-in linking mechanism allows you to get an idea of ​ ​ which devices have this or that software installed, or where the specified user was last authenticated.

To automatically assign the necessary parameters, the system implements a search guide mechanism. It is possible to hierarchically display information in the form of Trees, as well as Link Graphs.

The geographical representation of objects and their positioning on office plans is also available in the widget editor.

The report editor allows you to create templates of the desired format and graphic design directly in the platform interface. Reports can be generated automatically according to the specified schedule, or created manually.