Solar SafeInspect

2024

Certificate of FSTEC of Russia for compliance with the requirements for the fourth level of trust and technical conditions

The Solar SafeInspect privileged access management system has confirmed compliance with the requirements for the fourth level of trust and the technical specifications of the FSTEC of Russia. The document officially testifies that the Solar SafeInspect software package can be used to protect against unauthorized access to information that does not contain information constituting a state secret. Solar (formerly Rostelecom-Solar) announced this on June 19, 2024.

The fourth level of trust of FSTEC Russia demonstrates that the solution can be used to protect significant objects (critical information infrastructure ZO), CUES state information systems (GIS) and automated process control systems (), APCS as well as to protect information systems (ISDS personal data).

The FSTEC certificate of the fourth level of trust confirms the security of the Solar SafeInspect PAM system at the state level, providing our clients with the opportunity to use this solution to protect and control the access of employees and contractors with increased privileges to the information and infrastructure of the organization, "said Dmitry Orlenok, Business Development Manager Solar SafeInspect Solar Group. - Privileged users work with data of a higher degree of confidentiality, operating with information protection tools, network infrastructure and code. The risks of unauthorized access to the accounts of the database operator or system administrator will be significantly higher than of hacking the accounts of the accountant or sales manager. Solar SafeInspect will now help even more companies identify and respond quickly to threats in the early stages before attackers have time to cause irreparable damage.

Solar SafeInspect 2.4.4 with improved in-system capabilities

Solar Group released an updated version of the Solar SafeInspect 2.4.4 privileged access management system on March 27, 2024. Updates enhance the functionality of the product and improve its effectiveness by improving the customer experience.

Solar Group introduced Solar SafeInspect to the market in March 2023 as a fully functional PAM platform for effective management of privileged accounts and sessions in information systems. The key advantages of the product are fast and flexible installation, the ability to integrate in transparent modes and a reliable system for storing recorded data.

The current functionality of the product closes the main tasks of customers in the field of access control for employees and contractors with increased privileges to information and infrastructure of the organization.

In addition to technical improvements, the updated release pays special attention to the development of user experience - improved capabilities of working within the system, optimized methods of storing information, added useful functions. These enhancements not only provide an uninterrupted and secure user experience, but also provide users with advanced functionality to optimize privileged access management processes.

Now, with the ability to limit working hours for privileged users and maintain work schedules, companies can improve compliance with organization policies. Advanced settings for creating an administrator account provide more options, including fields for specifying: position, shift time, account status, and others, which not only simplifies account management, but also increases security measures.

This version significantly improves the operation of the internal video module, which is used in the solution for recording actions performed on monitored devices - accelerated video generation, reduced video size file and improved image quality.

Thanks to the redesigned RDP audit logic, users can note the increased session recording speed and improved image quality. Enabling Remote Program Management simplifies process and application management during RDP sessions, improving performance and convenience. In addition, the updated version improves support for the PowerShell TLS protocol, user mapping mode for advanced access control, and the ability to view XML data directly from the connection page.

In order to simplify navigation and improve efficiency, the updated version has improved the web interface of the system and updated the sections. Improvements are aimed at ensuring that administrators interact more intuitively and efficiently with Solar SafeInspect.

To increase the informativeness of the event logs of the system operation, all stored in information the logging process data is now provided in an extended format. In addition, settings passwords for local users and administrators have been enhanced, and password policy sections have been updated. Advanced administrator action notification settings have been added to the Alerts section, which allows you to conveniently configure notifications about events such as adding, modifying, and deleting users.

Several technological improvements have been made to improve security measures and overall system performance, including completing the transition to Python3, including for working with the API, introducing a requirement for checking the collector name, replacing cryptographic libraries for RDP connections using TLS 1.2.

2022: Inclusion in Rostelecom-Solar product portfolio

As representatives of the Solar Group of Companies clarified to TAdviser, Solar SafeInspect appeared in the Rostelecom-Solar product portfolio as a result of the acquisition in December 2022 of 100% of the assets of NTB LLC.

2016

RuSIEM + SafeInspect = Remote Access Incident and Anomaly Management Tool

The company New security technologies"" (NTB), a Russian developer software for improving the security of information systems and critical management, and IT infrastructure the company LLC "" RUSIEM- announced in the summer of 2016 the creation of a tool for managing incidents information security and anomalies of remote access to critical information systems of organizations. This tool is a merger of two software products: the SafeInspect Privileged User Control System (NTB) and the RuSIEM Event Analysis System.

Integration of systems allows you to compare specific persons and processes that proceed with a high level of privilege when analyzing emerging security incidents. In particular, in real time, monitor operations on managing servers, equipment, technological processes, specialized software, authentication methods and formal access rights according to information security policies, as well as identify attempts to unauthorized access and use by exploiting vulnerabilities.

Value of integration:

• Information about privileged users and management of their credentials,
• Personalization of credentials for non-personalized accounts,
• Identify unusual activity and make adjustments to block and prevent information security incidents.

The solution has the best features of two advanced Russian products. SIEM provides real-time analysis of security events from network devices and applications. SafeInspect technologies provide full visual control over operations using privileged accounts.

Benefits of an integration solution:

• Convenient information security management process in the company:
• all information security incidents fall into a single SIEM console;
• Compare events from SafeInspect with events from other systems that transmit information to the SIEM system for comprehensive situation analysis and prompt identification of real incidents.
• significant simplification of the incident investigation process.
• Prevention of possible internal threats:
• identification of collusion between employees of the company;
• comparing the actions of external intruders with the actions of employees within the organization, identifying collusion, accomplices and the circle of persons involved;
• control of actions of employees with administrative rights;
• control of actions through system accounts
• Rapid response to information security incidents:
• alerting the security officer to possible incidents using privileged accounts.

SafeInspect version 1.3.2

SafeInspect is a protective barrier for super users, allows you to record all their actions for subsequent viewing in order to determine the cause of the incident. In addition, this solution helps to comply with the requirements of IT security standards, such as PCI DSS, SOX, Basel II, Bank of Russia, FSTEC of Russia, etc.

New features of SafeInspect 1.3.2:

1. Working with LDAP has been improved. Algorithms of operation have been changed and nested user groups in different combinations are now supported;

2. The HTTP algorithms have been changed:

• the ability to combine HTTP (S) requests and responses into logical groups,
• the ability to view files and images uploaded in audited sessions using HTTP (S) protocols,
• Display HTML snapshots of pages visited by the user, including input content in input forms.

3. Standard support for the type of network adapter VMXNET3 on VMware ESXi;

4. Support for Common Event Format (CEF) to improve SIEM compatibility;

5. Improved TCP audit stability;

6. Fixed errors identified during the operation of the previous version.

SafeInspect version 1.3

New Security Technologies LLC (NTB), a Russian manufacturer of software for improving the security of information systems and managing critical IT infrastructure, announced in February 2016 the release of version 1.3 of the SafeInspect privileged user control system.

Version 1.3 will allow users to provide not only full control over access to privileged accounts, but also comprehensive monitoring of user activity with the ability to view performed operations in video mode, text search by events and keywords.

New SafeInspect features:

• Improved support for HTTP (s);
• Increased speed with video in SSH and RDP sessions;
• Improved support with external SIEM systems, added support for the CEF log format;
• Added support for Device CAL (device-based Client Access Licensing);
• Fixed errors identified during the operation of the previous version.

"Today, control over the actions of privileged users is a mandatory requirement of various standards and regulatory bodies," says Mikhail Romanov, Director of Business Development at NTB. - "SafeInspect allows our customers to answer perennial questions about who, when and how they actually did, and to provide the necessary data to report to auditors."

2015: About SafeInspect

System administrators in most companies have virtually unlimited access to the systems they are responsible for managing. Critical to incident investigation are the ability to monitor the actions of administrators who have access to servers, telecommunications equipment, and other elements of the IT infrastructure. In addition, there is a need to also control other users with privileged rights, many of whom can be employees of partners, outsourcers, employees who have received extended rights for a short time, etc.

According to 2015 information, SafeInspect is a domestic solution that allows you to control the actions of employees with the rights of privileged users of various levels. The developer of the SafeInspect solution is New Security Technologies. Monitoring the actions of privileged users in real time in SSH and RDP sessions, the ability to search for executable commands, force interruptions of sessions, control authentication and the ability to identify the user using a single end account are only part of the functionality of SafeInspect solutions that allow you to calculate and eliminate information threats to business. SafeInspect can be integrated with various information security tools such as DLP, SIEM, IPS, IDM, allowing you to increase the efficiency of both your work and the work of other subsystems.