03.10.2017

INFORMZASHCHITA is developing its SOC on IBM-based technology

INFORMZASHCHITA, which occupies a leading position in the field of information security, has become a participant in the IBM QRadar SIEM MSSP program in Russia.

Consistently expanding the base of the modern technologies used, INFORMZASHCHITA, has included the QRADar SIEM solution in its SOC technology platform for more efficient management of IS incidents and the possibility of using the  latest security technologies (UEBA, NBAD, Threat Intelligence, Machine  Learning, etc) in the interests of its clients. Analytical company Gartner, Inc. in its report, the Gartner Magic Quadrant for SIEM ranked the IBM Security division in the “Magic Quadrant” leader board sector among the providers of the security information management systems market and security events.

This step marked the next stage in the development of the IZ SOC INFORMZASHCHITA Response Center for Incidents.

IBM QRadar SIEM manages threats, consolidates data from event logs from thousands of devices, endpoints and applications on the network. Also, the product enables the use of correlation rules, allowing detection of fraudulent schemes and abnormal activity. INFORMZASHCHITA plans to expand its list of sources of information about threats to information security using the IBM X-Force Threat Intelligence service, designed to consolidate data sets, forecast risks, and quickly obtain compromise indicators (IP addresses, domain names, hashes and other signs of malicious activity) and enriching analytical data in monitoring and responding to IS incidents.

Proactive information gathering and threat analysis for information security are becoming an absolute necessity today to effectively counteract cyberattacks. IZSOC analysts of Informzashchita constantly monitor the most critical threats and ongoing ART campaigns and in parallel develop a set of compensating measures to neutralize threats for their customers. The ability to quickly obtain information and exchange statistics on current threats with the IBM X-Force Threat Intelligence team is an important aspect of INFORMZASHCHITA’s participation in the IBM MSSP program.

“The combination of INFORMZASHCHITA’s high level of expertise and modern IBM technologies will allow customers to offer a new level of SOC services on the Russian MSSP market, comments Evgeny Klimov, Deputy Director General for Technologies and Business Development for INFORMZASHCHITA. In addition, more than twenty years of experience in implementing large-scale projects in the CIS allows us to use only proven solutions, which makes the services of the INFORMZASHCHITA Center for Countering Cyber-Attacks real quality, and business clients – protected.”