Cybersecurity Digest #79: 11/07/2023 – 25/07/2023

Cybersecurity news


SGRC systems: Risks, part 2

Threats catalogs

There is a lot of discussion in the professional community about risk assessment methodologies. At the same time, much less attention is paid to a more powerful indicator of the maturity of the process – the process of building threats catalogs.

Let us turn to a typical assessment process:

After a one-time event – the preparation of methodological materials – the assessment cycle begins on a schedule or trigger. The first step is to determine the assessment areas, a step that depends largely on the completeness of the data on the resource-service model. As with audits, it is important here to see the connections between tangible and intangible assets.

The value of the asset, the most difficult step in terms of assessment, was discussed earlier.

The next step, i.e. identification, is the formation of a list of risks for further assessment. And it is this step that often becomes a stumbling block for inexperienced organizations.

Often in the first iterations of the process, this step is implemented creatively: experts analyze the asset on the go, during each assessment, and make a list of possible threats.


Case study by Defensys – Government entity

Challenge & Implementation

One of the entity’s departments has already implemented Defensys SOAR and among all other useful features it has the aggregated assets model that SGRC uses via the integration with SOAR. With the rise in the total amount of technical equipment within the entity, SOAR became increasingly important.

Having experience with our software and trusting Defensys as a reliable vendor, the organization purchased Defensys SGRC for the integration with their internal portal. This portal, created for governmental bodies, is a multifunctional tool for employees of different departments and organizations. The portal allows users to create requests with various purposes. Here the government entity plays the managing and approving role.

The main function of SGRC in the organization is to automatically fetch all the received requests with the asset model. Thanks to the role model of the SGRC, all the necessary asset types can be owned and managed by a certain number of employees. Access to a particular asset with all stored requests and created data may be shared between employees of one or several departments.

After receiving and approving portal requests, a new customized entity with a certain status is added to SGRC via API.


Cybersecurity Digest #78: 27/06/2023 – 11/07/2023

Cybersecurity news


Defensys SOAR platform adopts ChatGPT

We are excited to announce the integration of the Defensys SOAR platform with ChatGPT from OpenAI. This integration brings a change to the way users interact with ChatGPT directly within the SOAR incident chat window. By eliminating the need for separate windows, it significantly reduces the time required to obtain relevant information while maintaining the context of the conversation.

But that’s not all. With the integration of ChatGPT, real-time analysis of incoming incidents and their contextual information becomes possible. Leveraging the power of the MITRE ATT&CK framework, ChatGPT can identify attacker tactics, techniques, and sub-techniques. This enhanced visibility enables analysts to understand the current state of the attacker and anticipate the attacker’s next steps.

And there’s more. Additionally, the integration empowers effortless generation of incident reports tailored to various stakeholders. Whether it’s a report for managers, directors, or customers, the integration allows for the creation of comprehensive reports in any desired format at the click of a button.

By leveraging ChatGPT’s capabilities, analysts can analyze the accuracy and precision of actions performed, receiving valuable recommendations and insights. ChatGPT assists in identifying any overlooked or undocumented details, providing hints to enhance the quality of incident response. With this integration, SOC operators can effectively leverage the expertise of ChatGPT, enhancing incident analysis, reporting, and overall operational efficiency.