R-Vision Incident Response Platform (IRP) represents a comprehensive software platform for security automation and orchestration which can serve as a basis for building a high performing Security Operations Center.
R-Vision IRP aggregates all security incidents data from various sources in a single database for further analysis and investigation and facilitates agile incident response through automated workflows and playbooks.
The platform offers an advanced set of automation tools including dynamic playbooks, a set of ready-to-use scripts, adjustable workflows and security orchestration.
Common workspace for team members which ensures easy access to collected evidence and data. Chat, commenting and other built-in communication tools streamline collaboration across teams.
Comprehensive insight into the company’s IT infrastructure and related business processes which is delivered by built-in inventory tools and collected from integrated security solutions.
Centralized data, evidence and documents storage facilitates easy access and information sharing among team members and improves compliance with regulatory security standards and guidelines.
Flexible settings for tailoring the platform for your company’s specific environment and needs, including adjustable incident parameters, fully customizable workflows and playbooks, specified access to data and roles, and much more.
Built-in tools for incident data sharing arrange for collaboration with trusted partners, external experts, communities and public CERTs or SOCs. Real-time data exchange gives companies access to most actual high-quality data facilitating early threats detection.
Built-in integrations with a wide range of commonly adopted security tools and systems. Open API and universal connector via e-mail allow building custom integrations.
Customizable dashboards and reports bring visibility into security operations. Incident metrics make it easy to track performance and identify directions for improvements.
R-Vision Security GRC Platform (SGRC) allows the creation of an effective information security system through automated IT-assets and risk management, security audits and compliance control to industry standards and requirements.
Control tactic and strategic information security plans, keep track on overall cybersecurity performance and status, perform centralized task management and much more.
Perform automated audits and compliance checks with industry standards and best practices, calculate compliance index, monitor its changes over time, and enjoy automated generation of reports and essential documents.
Calculate risks associated with information security by using one of the embedded methodologies or your own. Produce a detailed risk mitigation plan and keep track of its implementation and risk level changes over time.
Get a comprehensive checklist of compliance problems that should be resolved with an option to assign the responsible person, specify deadlines, severity level and associated assets and easily track the status of remediation.
Get a holistic view of the company’s IT infrastructure and security status by using built-in inventory tools and integrations. Control security settings and user privileges and perform vulnerabilities management.
Control the company’s security level trough automated data collection from available security tools and external information systems, leverage centralized storage of all information security documents and data and keep track of implemented security measures.
Reveal employees who are sensitive to phishing attacks, perform their training, run simulation attacks and monitor training progress.
Enjoy full visibility of security operations through customizable dashboards, diagrams and charts, visual display of relations between information and IT assets and automated generation and delivery of reports. Track performance by using built-in metrics.
R-Vision Threat Intelligence Platform facilitates comprehensive management and use of threat intelligence, and also enables centralized collection and prioritization of indicators of compromise, enriched with additional context and direct output of ready-to-use data to security controls and systems.
Aggregation of threat intelligence data from multiple sources with manual or automated processing and prioritization.
Additional checks and data enrichment with the necessary context through additional enquiries into external systems and other available data sources.
Processed data can be automatically sent to internal security controls, thereby reducing false positives and is delivered to other systems for further use.
Real-time data exchange with peer R-Vision TIP users, trusted partners, external experts, communities and public CERTs with full control over information volume and recipients facilitating early threat detection.
Out-of-box integration with IBM X-Force Exchange and AlienVault Open Threat Exchange, Threat Intelligence services from Group-IB and Kaspersky Lab, and data import from any open or commercial TI feed.
Immediate use of threat intelligence data for incident response and investigation, including automated search for threats, which are relevant to the specific IT infrastructure and on-the-fly checks of IoCs revealed during incident response in all available TI feeds, automatically or upon request.
“ОАО “Белгазпромбанк” использует программные продукты R-Vision Incident Response Platform и R-Vision SGRC. На базе данных продуктов нам удалось построить, описать и внедрить следующие процессы информационной безопасности: инвентаризация активов, анализ рисков информационной безопасности, реагирование на инциденты информационной безопасности, самооценка на соответствие национальным и международным стандартам информационной безопасности, управление уязвимостями.
Стоит отметить, что решения R-Vision IRP и SGRC позволяют нашему Банку успешно проходить аудит на соответствие требованиям стандарта PCI DSS.
Компания R-Vision динамично развивает свои продукты, постоянно добавляя новый функционал, при этом, оказывая качественную техническую поддержку.”
“Использовали данное ПО для экспресс-самооценки. Можем сказать, что оно удобней своих аналогов по совокупности основных показателей. Интерфейс понятен и достаточно прост в использовании. Хотелось бы отметить, что полученная результирующая оценка совпадает с оценкой внешних аудиторов, что порадовало и добавило уверенности в самооценке соответствия.”
“Уже второй год используем модули системы R-Vision для проведения оценок соответствия, контроля системы защиты информации, оценки рисков и с недавнего времени для управления инцидентами. Предлагаемый функционал системы, ее продуманный интерфейс и возможность настраивания списков и шаблонов значительно облегчает выполнение рутинных задач по подготовке отчетности для ЦБ, контролю средств защиты, управлению инцидентами и планированию. Система также дает возможность удобной коммуникации среди сотрудников в рамках этих процессов. Модуль Risk Manager стал незаменимым инструментом для подготовки модели угроз, при этом он позволяет привлекать к работе специалистов из других подразделений. Нравится, что система продолжает развиваться, предоставляя нам новые возможности и облегчая выполнение стоящих перед нами задач.”
