“IT-Integrator” is the largest developer and provider of IT solutions for the corporate and public sectors in Ukraine.

Tier 4: Adaptive

1. eXtended Detection & Response, XDR

Purpose: An integrated set of solutions (CDS+EDR+NTA) that uses network traffic analysis, signatureless detection of suspicious events and in-depth control of PCs and servers to provide an unprecedented level of IT infrastructure observability and incident response efficiency.

2. Attack Surface Management, ASM

Purpose: Control of the organization’s own “attack surface”:

  • obtaining unbiased data on how the organization “looks” to a potential attacker
  • rapid automated identification (using OSINT) of publicly available assets
  • detection of hidden connections between the organization’s resources and public cloud resources and code repositories (e.g. GitHub)
  • building a real model of threats to public resources of the organization and their constant proactive monitoring

3. Policy & Compliance Management, PMC

Purpose: Control of network security policies, automation of Change Management processes, Compliance:

  • collection, centralized storage and analysis of configurations of firewalls and other network equipment
  • detection of dangerous, unused, duplicate rules
  • automatic construction of the network map “as it really is” at the current moment
  • simulation of risks and network attack vectors
  • simulation of the consequences of changes in the configuration of network devices before real use
  • optimization and control of the work of network administrators, building an effective change management process
  • identification and control of corporate applications

4. User Entity Behaviour Analysis, UEBA

Purpose: Continuous monitoring, logging and analysis of user activity and processes:

  • profiling the work of users and processes
  • detection of anomalies in the behavior of users, processes and services, including with the help of AI/ML
  • keeping statistics and monitoring the use of working time

5. Identity and Access Manager, IDM / IAM

Purpose: Centralized management of accounts and rights in information systems (IS):

  • granting, revoking and changing access rights to information resources
  • audit of existing access – “putting things in order” in accounts (everything unnecessary is deleted; what is needed is uniquely identified and tied to a specific person)
  • integration with most modern application software platforms (Microsoft, Oracle, SAP, etc.)
  • built-in toolkit for development of connectors to non-standard (in-house) software

6. Cloud Access Security Broker, CASB

Purpose: Continuous monitoring, control and management of cloud services:

  • implementation of Zero Trust architecture for clouds
  • granting users access rights to cloud resources in compliance with the principle of least privilege
  • protection of data in the cloud from modification, deletion and leakage (both with built-in functions and through integration with DLP)
  • detection of abnormal behavior of users and processes when accessing cloud resources and prevention of incidents (both with built-in functions and through integration with UEBA)
  • protection against malware and its spread in the organization’s IT infrastructure through cloud services

7. Security Orchestration Automation & Response, SOAR

Purpose: Centralization and automation of the Incident Management process (the main tool of the corporate Security Operations Center):

  • orchestration of all existing cyber security systems to build a complete interconnected system
  • automation of routine security event processing operations based on customizable playbooks
  • creating a unified operating environment for proactively tracking and handling cyber security incidents
  • maintaining a single knowledge base to support continuous improvement of the Incident Management process
