Jet Infosystems were implemented by MaxPatrol SIEM in Pipe Metallurgical Co.

2020: Implementation of MaxPatrol SIEM in an information security system of Pipe Metallurgic Company

On October 13, 2020 it became known that the Jet Infosystems company completed the project on system implementation of collecting, storage and analysis of events of security of MaxPatrol SIEM in the Pipe Metallurgical Co. (PMC). Specialists of integrator connected to the solution totally 16 types of sources - means of protecting and components of IT infrastructure. Accomplishment of all project works took half a year that allowed Pipe Metallurgic Company to automate processes of monitoring of incidents of cybersecurity in a short time and to start the choice of the supplier of expert services for response to cybersecurity incidents.

The project on implementation of a SIEM system in Pipe Metallurgical Co. was dictated by need of ensuring the automated collecting and the centralized storage of events of security from different subsystems. For the solution of these tasks of Pipe Metallurgic Company selected MaxPatrol SIEM from Positive Technologies as it can be connected to any external systems by means of development of integration modules (connectors). For benefit of a product including played monthly delivery of packets of examination with relevant methods of detection of threats, transparent Roadmap, opportunities to scaling, system performance (prior to 40,000 events per second) and existence of the FSTEC certificate of Russia.

The project allowed Pipe Metallurgic Company to integrate into a short time a SIEM system in infrastructure of information security of the company taking into account its features and the implemented processes, and the modules developed by integrator allowed to consider fully a SIEM system the central link of a landscape of information security of the company. We already felt specific advantage of MaxPatrol SIEM during growth of number of the attacks in the period of the quarantine measures connected with counteraction to COVID-19 virus. Thanks to pro-active actions and the implemented solution we coped with this call, Dmitry Jacob, the CIO of Pipe Metallurgic Company commented

Engineers Jet Infosystems developed four integration modules for connection of MaxPatrol SIEM to information systems of Pipe Metallurgic Company with which interaction was not supported "from a box". The project team created one of them for collecting and event handling from cloud services Microsoft 365 and Azure, having implemented the first integration of MaxPatrol SIEM with these products. Other module is intended for collection of information, necessary at investigations of cybersecurity incidents, from databases configuration management. Specialists developed two more modules for expanded integration of a SIEM system with a directory service Active Directory (AD) and interactions with the platform of cyberinvestigation created in Pipe Metallurgic Company.

We were faced by a task to implement SIEM in the company from one of the most mature information security systems among large industrial enterprises in Russia. Advanced technical competences of specialists and the high level of a maturity of processes of the customer, productive interaction with a command of vendor and own examination helped us to cope with an uncommon task and to harmoniously enter the solution in an ecosystem of information security of Pipe Metallurgic Company, Andrey Yankin, the director of Information Security Center of Jet Infosystems company noted

According to the research Positive Technologies, in 2019 the number of cyber attacks increased by 19%. At the same time the share of the attacks to the industrial companies grew drama - from 4% to 10%, this industry is under a sight at more than twenty ART GROUPINGS.

In the conditions of rapid growth of cyberincidents, the companies which are objectively assessing risks and the consequences of cyber attacks are not able to afford to work without the automated systems revealing incidents in real time any more: for them class SIEM system implementation enters an obligatory minimum regarding information security support today, Maxim Filippov, the director of business development of Positive Technologies in Russia told