Blog

Defensys releases the update for Defensys TDP

Defensys has updated the Defensys Threat Deception Platform (TDP), its platform for digital imitation of IT infrastructure components. The vendor added SCADA and Linux FullOS traps to the existing ones and also expanded the list of lure templates.

The total number of cyberattacks focused on critical infrastructure rose sharply in 2022. The consequences of such attacks can be very serious: leaks of confidential information, financial and reputational losses. In view of these statistics, Defensys developed the SCADA trap and added it to the latest TDP version. It helps detect threats in the infrastructures of industrial companies. Users can now create fake PLCs (programmable logic controllers), crucial automation elements in the management of technological processes. This way Defensys TDP now detects attacks focused on very specific assets that belong to IT and OT segments.

One more trap added by the vendor is Linux FullOS. It helps create a fully functional emulated virtual machine running a Linux-based operating system in the chosen network. This trap type can serve as the base for creating many fake network elements tuned to customers’ specific needs. Furthermore, users now get lures in the form of saved browser credentials in MS IE and MS Edge Legacy.


Cybersecurity Digest #70: 07/03/2023 – 21/03/2023

Cybersecurity news


SGRC systems: Compliance as an obligation, part 1

Compliance

Audit management is the most classic application of SGRC systems. It answers the question:

What is going on with information security now?

Conducting compliance audits is both an obligation and a right of organizations.

It is no accident that the functions implemented by systems of this class appear in almost every standard or framework that regulates the construction of cybersecurity systems.

Compliance as an obligation

On the one hand, organizations are always subject to a number of normative legal documents and regulations. They are the driving factor for the birth of an organization’s audit management process. The problem that comes to mind first is the need to generate reporting documents on the results of audits. However, it is only the tip of the iceberg.

The audit process includes four basic steps, which generally correspond to Deming’s PDCA (Plan – Do – Check – Act) cycle:

Let us analyze each of these steps.

Planning

At this stage, organizations try to plan a list of necessary actions and define the objects to be audited and the requirements they have to meet.


SGRC systems: Prerequisites for the appearance of technology

Today most organizations fortunately no longer face the question “is it worth implementing information security solutions?” The importance of information protection has become an axiom, and there are many offers in the cyber security market that cover the needs in various fields – SOAR, SIEM, etc.

At the same time, information security solutions implemented in organizations usually line up in the following pyramid:

However, with the disparate implementation of the entire variety of security tools and solutions, companies face the following challenges:

  • Lack of a single tool for centralized collection of information security data from multiple sources.
  • Lack of transparency in the information security management process.
  • Lack of resources in the information security department to coordinate all products.
  • The difficulty of communicating the importance of information security to the business.

Thus over time, organizations realize that the mere availability of a wide range of software does not guarantee a well-functioning information security management process.

It requires collecting and aggregating information about the state of information security, analyzing it properly, being able to apply it correctly, and most importantly, clearly communicating to the business the importance of the entire information security management process.


Case study by Defensys – The Bank

Challenge

All IT security audits in the Bank were handled in a large, well-known corporate GRC system. But whenever a new cybersecurity standard was published, retuning the process frequently ran into issues on the GRC side.

The lack of convenient user tools for managing the requirements of different standards, especially similar ones, cost the team a lot of time on duplicate work whenever users had to conduct a new audit campaign against a particular standard.

Defensys technologies

Initially, the huge number of requirements was handled in spreadsheets, with all the drawbacks of that approach. One of the customer’s main requirements was to have most of the standards they had to comply with available and structured out of the box. After a series of meetings and a PoC project, the Defensys SGRC was chosen as the core solution for the Bank’s cybersecurity requirements management system.

Implementation

As the first step, the Defensys SGRC had to be integrated with the Bank’s GRC solution. As a result, the whole structure of assets incl.
