Defensys has released a new update of the Defensys SENSE Platform, v. 1.16, to raise the efficiency of companies’ information security. In the updated version, detection scenarios were extended with 15 new anomalies. Additionally, the vendor has added a new section called “User profile” for object monitoring and has changed the timeline visualization to allow quick artefact collection during the investigation process.
Defensys has significantly changed the handling of monitored objects. The new “User profile” section immediately provides users with detailed data on all sessions of the monitored object and lets them analyze the sessions in one tab and leave comments. Moreover, Defensys has divided the event chronology into sessions and limited the display of the monitored object’s activity to one day. For each session, a wide range of data on the user’s behavior during that period is displayed: anomalies, triggered alerts, user accounts, equipment, and overall rating. Events of the same type are now grouped within sessions, which raises the information value of the timeline and makes it more convenient for data analysis. The new functions allow CS specialists to promptly form the investigation context and make the artefact collection process 3 times shorter.
Defensys’s team continues to improve detection features for a better cyber security posture.
The Power generating company hadn’t had any automation programs for their cyber security processes. As the number of branches and employees increased, the Company decided to implement modern software to minimize the manual work and save valuable time.
The Defensys ACP attracted the Company’s attention because of its automation functions and its asset management capabilities from the cyber security perspective.
On the way to the software installation our engineers faced a challenge: the Company has a lot of branches, which makes the inventory process in the organization very complicated. The Defensys multi-tenancy option could not be used without a clear understanding of the overlapping IP addresses across the whole IT and OT infrastructure.
To keep records of assets in all branches without mixing them up, the Developer found a solution: the Defensys ACP can work with the same asset IP addresses from different branches and remote plants thanks to its ability to label the network when performing the inventory scan. In addition, the Defensys software was integrated with a SIEM system and an antivirus solution in each branch.
The Power generating company doesn’t need customized processes or dashboards, because the pre-installed options meet the Company’s demands.