🔹 Main Functions:
- Centralized collection and normalization of data from:
  - Network equipment
  - Servers and workstations
  - Applications and DBMS
  - Virtual and cloud environments
- Advanced event correlation:
  - Built-in templates for Russian standards
  - MITRE ATT&CK support
  - Behavioral analysis (UEBA)
- Automated response:
  - Integration with SOAR
  - Predefined response scenarios
  - Incident escalation
🔹 Technological Features:
✔ Optimized storage for big data
✔ Support for Russian OS (Astra Linux, ALT, RED OS)
✔ Compatibility with domestic cryptographic tools
✔ Flexible deployment (on-premise/cloud)
🔹 Advantages:
- Compliance with FSTEC and Bank of Russia requirements
- Low infrastructure load
- Localized technical support
- Adaptation to the specifics of local threats
🔹 Applications:
- Critical Information Infrastructure
- Financial sector
- Government organizations