1. Secure Web Gateway, SWG
Purpose: filtering user access to the Internet and protecting users against web-borne threats:
- built-in website categorizer; access policies for web resources are configured per category in the graphical interface, optionally fully automatically
- filtering of access to websites (blocking malicious and phishing sites, restricting user access according to the configured Internet usage policy)
- granular policies and permissions (for example: “Facebook is blocked for everyone, but HR employees get read-only access”)
- interception (decryption) and inspection of TLS/SSL-encrypted connections; this requires the gateway's CA certificate to be trusted on the endpoints, and traffic that is not decrypted can only be policed by hostname (SNI) and category, not by URL path or request method
- inline (“on the fly”) antivirus scanning of downloaded content
- data leakage prevention (when integrated with DLP): blocking the upload of sensitive data to public file-sharing services, its transfer via messengers, etc.
- monitoring of users' Internet activity, collection of statistics and analysis of visited websites, monitoring of working-time usage
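The granular policy above (“Facebook is blocked for everyone, but HR employees get read-only access”) can be expressed as an ordered rule list in which the first matching rule wins. The following is an added illustration written for this page, not code from any vendor's gateway; the category table, the `.invalid` hostnames and the rule set are constructed. “Read-only” is modelled as permitting only non-mutating HTTP methods, which a gateway can see for HTTPS traffic only if it decrypts it.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

# Constructed stand-in for the gateway's site categoriser; a real product
# ships a large vendor-maintained category database (assumption).
CATEGORIES = {
    "facebook.com": "social",
    "www.facebook.com": "social",
    "login-portal.invalid": "phishing",
    "intranet.corp.invalid": "business",
}

# "Read-only": the user may fetch pages but not submit forms or upload.
READ_ONLY_METHODS = {"GET", "HEAD", "OPTIONS"}


@dataclass(frozen=True)
class Rule:
    category: str                 # site category the rule applies to
    groups: Optional[frozenset]   # None means the rule applies to everyone
    action: str                   # "block", "read_only" or "allow"


# Evaluated top-down, first match wins: the HR exception must precede the
# general block on the same category, otherwise it would never be reached.
POLICY = [
    Rule("phishing", None, "block"),
    Rule("social", frozenset({"hr"}), "read_only"),
    Rule("social", None, "block"),
]


def categorise(url: str) -> str:
    host = (urlsplit(url).hostname or "").lower()
    return CATEGORIES.get(host, "uncategorised")


def decide(url: str, method: str, user_groups) -> str:
    """Return 'allow' or 'block' for one request under POLICY."""
    category = categorise(url)
    for rule in POLICY:
        if rule.category != category:
            continue
        if rule.groups is not None and not (rule.groups & set(user_groups)):
            continue
        if rule.action == "read_only":
            return "allow" if method.upper() in READ_ONLY_METHODS else "block"
        return rule.action
    return "allow"   # default for uncategorised and unmatched traffic


if __name__ == "__main__":
    # Constructed sample requests.
    for url, method, groups in [
        ("https://www.facebook.com/feed", "GET", {"hr"}),
        ("https://www.facebook.com/upload", "POST", {"hr"}),
        ("https://www.facebook.com/feed", "GET", {"engineering"}),
        ("https://login-portal.invalid/", "GET", {"hr"}),
        ("https://intranet.corp.invalid/forms", "POST", {"engineering"}),
    ]:
        print(f"{method:4} {url:40} {sorted(groups)} -> {decide(url, method, groups)}")
```

Rule order is the security-relevant detail: if the general “social: block” rule were listed first, HR would be blocked as well, and a product that evaluates “most specific rule wins” instead of “first match wins” would behave differently on the same list, so the evaluation order should be checked against the vendor's documentation before relying on exceptions.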
2. Secure Mail Gateway, SMG
Purpose: a basic, mandatory component of most cyber security systems; it protects e-mail, the component of the IT infrastructure most often used as an entry point for attacks:
- blocking of spam and phishing (claimed at 99%), i.e. messages intended to harvest user credentials or to deliver malicious attachments
- content disarm and reconstruction of potentially harmful e-mails (removal of active content, dangerous elements, web links, etc.) so that only sanitized content is delivered to the user
- inline antivirus scanning of all incoming messages by the built-in signature-based antivirus
- integration with third-party sandboxes for detonation and analysis of all suspicious attachments
- data leakage prevention (when integrated with DLP)
3. Cyber Deception System, CDS
Purpose: “All warfare is based on deception” (Sun Tzu):
- creation of decoys in the IT infrastructure that mimic real assets (servers, PCs, network equipment, ATMs, video cameras, printers, programmable logic controllers, etc.)
- active misleading of attackers, diverting their attacks away from the real assets of the IT infrastructure
- high-fidelity detection without any signatures: no legitimate process has a reason to touch a decoy, so any interaction with one is suspicious by definition, which also catches “zero-day” malware that conventional antivirus does not detect
- rapid detection and investigation of insider activity
- early warning of the start of a targeted cyber attack (both at the perimeter and inside the network)
4. Privileged Access Management, PAM
Purpose: building secure administration processes; one of the components of a Zero Trust architecture:
- full visibility and control over the actions of privileged users (system administrators, contractors, auditors and other users with elevated access rights): “video recording” of all administration sessions (SSH, RDP, HTTPS, etc.) with playback and recognition of typed text and commands
- the ability to prevent execution of commands on a blocklist
- discovery, tracking and management of service accounts
- a fully functional mechanism for temporarily granting elevated privileges, implementing the “two hands” (four-eyes, dual-control) rule: a system administrator's access to a server is explicitly approved by the security administrator
- no possibility of connecting to servers “bypassing” the solution: administrative passwords for target systems are rotated automatically by the solution and are never disclosed to the administrator (the solution injects them into the session and holds them only in RAM), so a direct connection to the target is not possible
- a built-in ticketing system for an end-to-end process of managing administration of target systems
- analysis of administrators' work statistics
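Command blocklists are only as good as the matching behind them. The following is an added example, not code from the page or from any PAM product, of how a session proxy might check typed commands: a naive prefix match beside a tokenising check that catches `/bin/rm`, `sudo rm` and `ls; rm`. The blocklist, wrapper list and sample lines are constructed.

```python
import shlex
from posixpath import basename

# Constructed blocklist of commands the proxy refuses to forward in an
# interactive SSH session (assumption; products ship their own lists).
BLOCKED_COMMANDS = {"rm", "mkfs", "dd", "shutdown", "reboot", "userdel"}

# Tokens after which a new simple command begins.
COMMAND_SEPARATORS = {";", "&&", "||", "|", "&", "("}
# Prefixes that run another command rather than being the command itself.
WRAPPERS = {"sudo", "doas", "nohup", "time", "env", "command", "exec", "nice"}


def blocked_naively(line: str) -> bool:
    """Compare only the first word of the line: a typical first implementation."""
    first = line.strip().split(" ", 1)[0]
    return first in BLOCKED_COMMANDS


def blocked(line: str) -> bool:
    """Tokenise with shell punctuation awareness and compare the basename of
    every simple command, so /bin/rm, 'sudo rm' and 'ls; rm' are all caught."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        tokens = list(lexer)
    except ValueError:
        return True          # unbalanced quotes: refuse rather than guess
    at_command_start = True
    for tok in tokens:
        if tok in COMMAND_SEPARATORS:
            at_command_start = True
            continue
        if not at_command_start:
            continue
        if tok in WRAPPERS or "=" in tok:
            continue         # VAR=value prefix or wrapper: the command follows
        at_command_start = False
        if basename(tok) in BLOCKED_COMMANDS:
            return True
    return False


if __name__ == "__main__":
    # Constructed sample session lines.
    for line in ["rm -rf /", "/bin/rm -rf /", "ls; rm -rf /", "sudo rm -rf /",
                 "r''m -rf /", "$(rm -rf /)", "echo done | tee /tmp/x",
                 "echo `rm -rf /`"]:
        print(f"{line:28} naive={blocked_naively(line)!s:5} tokenised={blocked(line)}")
```

Even the tokenised check misses backtick substitution, shell aliases, functions defined earlier in the session and `base64 -d | sh` style staging, which is why a blocklist should be treated as a tripwire that feeds the session recording and alerting, while genuinely sensitive hosts are better protected with a command allowlist or with a restricted shell.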
5. Network Access Control, NAC
Purpose: control of access to the corporate network:
- monitoring of network connections and blocking of unwanted ones according to configurable policies (presence of OS patches and fixes, up-to-date antivirus software, etc.)
- automatic adjustment of access rights to corporate resources according to user role, device type, connection method, etc.
- automated application of policies to devices on the network, including personal devices (BYOD)
- a self-registration portal for connecting to guest Wi-Fi
6. Risk-based Vulnerability Management, RbVM
Purpose: the core component for building the Vulnerability Management process:
- identification and inventory of all assets in the corporate networks and on the Internet
- accurate identification of known OS and application vulnerabilities
- dedicated scanning for vulnerabilities specific to web applications
- visualization of cyber security risks, their criticality and their upward/downward trends over time
- comparison of the organization's risk profile with similar companies in the industry (in anonymized form)
- aggregation and prioritization of risks, with recommendations on how to handle them
- integration with Help Desk systems to build an end-to-end vulnerability remediation process
- support for regulatory and compliance requirements (for example, PCI DSS)
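What separates risk-based prioritization from sorting by CVSS score is that threat and asset context enter the ranking. The following is an added illustration, not a vendor's model or code from the page: the weights are hypothetical and the three findings are constructed, with placeholder IDs rather than real CVEs. It shows a low-criticality lab box with a 9.8 vulnerability dropping below a 7.5 on an Internet-facing server whose flaw is known to be exploited.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    asset: str
    finding_id: str           # placeholder, not a real CVE identifier
    cvss: float               # base score 0-10
    exploited_in_wild: bool   # e.g. listed in a known-exploited catalogue
    internet_facing: bool
    asset_criticality: int    # 1 (lab) .. 5 (crown jewel), set by the owner


def risk_score(f: Finding) -> float:
    """Combine severity, threat and asset context into one 0-100 figure.
    Weights are hypothetical: a known exploit doubles the base likelihood,
    Internet exposure adds half again."""
    likelihood = 0.4
    if f.exploited_in_wild:
        likelihood += 0.4
    if f.internet_facing:
        likelihood += 0.2
    impact = (f.cvss / 10.0) * (f.asset_criticality / 5.0)
    return round(100 * likelihood * impact, 1)


def prioritise(findings):
    """Findings ordered for remediation, highest risk first."""
    return sorted(findings, key=risk_score, reverse=True)


# Constructed sample findings.
FINDINGS = [
    Finding("lab-vm", "finding-1", 9.8, False, False, 1),
    Finding("web-front", "finding-2", 7.5, True, True, 4),
    Finding("payroll-db", "finding-3", 8.1, False, False, 5),
]


if __name__ == "__main__":
    print("by CVSS :", [f.asset for f in sorted(FINDINGS, key=lambda f: f.cvss, reverse=True)])
    print("by risk :", [(f.asset, risk_score(f)) for f in prioritise(FINDINGS)])
```

The caveat a practitioner would add is that the asset criticality field is the one input the scanner cannot discover on its own; if it is left at a default, the ranking silently degrades back to CVSS plus exposure, so the inventory step above has to capture ownership and business value, not just IP addresses.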