FAQ’s spidernext

VSOC is the acronym of Virtual Security Operations Center. VSOCs are in charge of tracking and analysing the activity of networks, servers, endpoints, databases, applications, websites and other systems, looking for anomalous activities that may be indicative of a possible incident o security compromise.

Highly useful information for the detection of cyberattacks and business intelligence, as well as possible attacks on corporate reputation.

Your company data, competitor data, brands, people, locations, vehicles, keywords and much more.

It allows you to centrally and easily monitor and manage the security of the organization, produce key reports for security, business intelligence and reputation, which could involve hundreds of hours of work.

Generation of immediate alerts to risks that may affect the security, business or reputation of the company.

spidernext brings great benefits to any company, small, medium or large, the security of an organization requires advanced tools that can be adapted to its specific characteristics.

VSOC spidernext is totally modular, it allows to have a platform totally adapted to the needs and characteristics of each organization. Modularity also means scalability and progressive adaptation to the needs of the organization, starting from a basic implementation you can scale without limitations.

All you need to do is enter the data you wish to monitor and set the alerts you want. From there, the platform and its intelligent engines will take care of everything. You will just need to generate the reports that you want whenever you want them.

Initially nothing. To obtain basic information, it will not be necessary to install anything. Only as much information as possible about the assets; filling in the tables that exist in the private area of the platform.

If we want to deepen the management and monitoring of security, we have the possibility of installing agents and virtual machines that extend the capabilities of Spidernext.

Your VSOC can start working today, without the need for complex tools, without spending weeks setting up and adjusting rules. Initial set up takes less than 5 minutes and don’t need to install anything in the infrastructure.

None, it enables your staff of any level of experience to quickly manage and investigate incidents and respond to multiple alerts easily through an intuitive user interface and the help of artificial intelligence systems.

spidernext works in a non-intrusive way, so it is fully compatible with any other cybersecurity product or tool.

An Advanced Persistent Threat (APT) is a set of stealthy and ongoing computer processes, often orchestrated by humans and aimed at penetrating the IT security of a specific organization. An APT generally targets organizations or countries for business or political reasons. APT processes require a high level of covertness for an extended period of time, and they are commonly used in espionage or for gaining access to confidential information.

Until now, an APT generally involved a highly advanced group with many resources, such as a government with the capacity and intention to persistently and effectively target a specific entity, usually another government, critical infrastructure or large organization. But this is changing radically; small groups of well-prepared cybercriminals with resources have now discovered an efficient source of income in APTs and they are increasingly affecting smaller organizations.

There is no limit to the information you can enter in the platform; as you enter more information, the results you receive will increase in quantity and quality.

spidernext can perform advanced analyzes on the security of your company’s IT infrastructure, these analyzes consist of vulnerability assessments, verification and analysis of open ports, penetration tests, identification of operating systems and network mapping.

In order to perform these analyzes, a specific authorization is required from the client as they could be identified as real attacks on their infrastructure.

spidernext has a complete module for creating and managing Phishing campaigns. This module allows you to create campaigns, carry out and track shipments, actions carried out by users and finally generate reports of the results obtained.

Awareness is key in the security of any organization, which makes the Phishing Simulation Module an ideal complement to the VSOC.

spidernext’s main mission is to centralize security management and detect attacks in their early stages, even when the criminal starts the first steps to carry them out and the attack has not yet started.

VSOCs are usually oriented to protect Security, Confidentiality, Integrity and Availability, in networks and services. But we go a step further, protecting the reputation and the obtaining of intelligence information for the business.

The platform has been developed considering the data confidentiality and security. By the moment that the information is introduced to the platform (names, domains, addresses, IPs, etc.) these are encrypted (except for the name of the client and the user) and sent to the spidernext database.

What does this mean in practice? Nobody can access to this data. Data is secure and inaccessible. To guarantee this security we have encrypted all data in an individualized form using the AES 256 encryption.

AES means Advanced Encryption Standard. Nowadays is the only algorithm in the National Institute Standards and Technology list (NIST) to protect classified data. It has public access and the code it the same used by NSA in order to ensure “Top Secret” documents.

It is very important to point out:

  • We will not save under no circumstances search data introduced by the platform users, in flat or unencrypted format.
  • In no case we will relinquish, transfer either allow access to this data to third parts.
  • We will not provide any type of information to third parts about our users nor the possible alerts detected.
  • We will not provide any type of information to third parts about security, reputation or intelligence needs obtained for our users.
  • We will not carry out any type of study on the data that our users have entered.

If you have any further questions, feel free to contact our experts.

Ask us now!