spidernext FAQs

vSOC is the acronym for virtual Security Operations Center. vSOCs are in charge of tracking and analysing the activity of networks, servers, endpoints, databases, applications, websites and other systems, looking for anomalous activity that may indicate a possible incident or security compromise.

Highly useful information for the detection of cyberattacks and business intelligence, as well as possible attacks on corporate reputation.

Events produced by the organization’s electronics, applications, IT and security infrastructure and systems, business data, your company data, competitor data, brands, people, locations, vehicles, keywords and much more.

It allows you to centrally and easily monitor and manage the security of the organization, produce key reports for security, business intelligence and reputation, calculate metrics, and carry out automatic security evaluation and maintenance processes, all of which could involve hundreds of hours of work.

Generating alerts or performing technical actions automatically and immediately in the event of risks that may affect the security, business or reputation of the company.

spidernext brings great benefits to any company, small, medium or large. The security of an organization requires advanced tools that can be adapted to its specific characteristics.

vSOC spidernext is totally modular, which makes it possible to have a platform fully adapted to the needs and characteristics of each organization. Modularity also means scalability and progressive adaptation to the needs of the organization: starting from a basic implementation, you can scale without limitations.

It is only necessary to enter the data that you want to control, define the alerts that you want to establish, and set up the monitoring and response flows. From there, the platform, agents and their intelligence engines will take care of everything; you just need to generate the reports you want at any time.

Initially nothing. To obtain basic information, it will not be necessary to install anything. You only need to provide as much information as possible about the assets by filling in the tables that exist in the private area of the platform.

If you want to go deeper into security monitoring and management, it will be necessary to install agents and virtual machines that extend Spidernext’s capabilities, addressing the complete security monitoring of the organization’s infrastructure.

Your vSOC can start working today, without the need for complex tools and without spending weeks setting up and adjusting rules. Initial setup takes less than 5 minutes and you don’t need to install anything in the infrastructure.

None. It enables your staff, at any level of experience, to quickly manage and investigate incidents and respond to multiple alerts easily through an intuitive user interface and with the help of artificial intelligence systems.

In order to take full advantage of Spidernext’s functionalities and capabilities, our clients can access specific training sessions or even contract managed security monitoring and management services.

Spidernext is compatible with any other cybersecurity product or tool, and is usually capable of exchanging information with these products or solutions.

An Advanced Persistent Threat (APT) is a set of stealthy and ongoing computer processes, often orchestrated by humans and aimed at penetrating the IT security of a specific organization. An APT generally targets organizations or countries for business or political reasons. APT processes require a high level of covertness for an extended period of time, and they are commonly used in espionage or for gaining access to confidential information.

Until now, an APT generally involved a highly advanced group with many resources, such as a government with the capacity and intention to persistently and effectively target a specific entity, usually another government, critical infrastructure or large organization. But this is changing radically; small groups of well-prepared cybercriminals with resources have now discovered an efficient source of income in APTs and they are increasingly affecting smaller organizations.

There is no specific limit to the amount of information that can be monitored from Spidernext. But the most important thing is the quality of the information: the more appropriate and better selected it is, the more and better results will be obtained. The modularity and scalability capabilities make it possible to analyse large amounts of information of excellent quality.

spidernext can perform advanced analyses of the security of your company’s IT infrastructure. These analyses consist of vulnerability assessments, verification and analysis of open ports, penetration tests, identification of operating systems, network mapping, verification of security posture, analysis of user and application activity, identification of malicious activity, etc.

Spidernext’s main mission is to centralize security management and detect attacks in their early stages, even when the criminal is taking the first steps to carry them out, in the planning phase, when the attack has not yet started.

Traditional SOCs and vSOCs are usually oriented to protecting Security, Confidentiality, Integrity and Availability in networks and services. But we go a step further, adding reputation monitoring and obtaining intelligence information for the business, together with the advanced SOAR system, which allows immediate and automatic response to security events or incidents.

The platform has been developed with data confidentiality and security in mind. From the moment information is entered into the platform (names, domains, addresses, IPs, brands, etc.), it is encrypted with military-grade encryption (except for the customer name and user code) and is then sent to the spidernext database.

What does this mean in practice? Nobody can access this data. Data is secure and inaccessible. To guarantee this security we have encrypted all data individually using AES-256 encryption.

AES stands for Advanced Encryption Standard. Today it is the only algorithm on the National Institute of Standards and Technology (NIST) list for protecting classified data. It is publicly accessible, and the code is the same as that used by the NSA to secure “Top Secret” documents.

It is very important to point out:

  • Under no circumstances will we save search data entered by the platform users in plain or unencrypted format.
  • In no case will we relinquish or transfer this data, or allow third parties access to it.
  • We will not provide any type of information to third parties about our users or the possible alerts detected.
  • We will not provide any type of information to third parties about security, reputation or intelligence needs obtained for our users.
  • We will not carry out any type of study on the data that our users have entered.

An XDR (extended detection and response) automatically collects and correlates data across multiple layers of security: email, endpoint, server, firewall, etc., both in the cloud and on the network. This enables faster detection of threats and better investigation and response times through security scanning. If we add to this the management of security incidents and the generation of metrics and KPIs, we can say that Spidernext is an advanced XDR. It is even capable of performing other functions that XDRs are not capable of, such as automatic incident response using SOAR.

Spidernext SOAR has unique capabilities that clearly differentiate it from other SOAR solutions, addressing aspects that other solutions do not reach, such as the capture and analysis of logs directly from the agent and the execution of low-level technical tasks (launching PowerShell processes, Python scripts, SSH commands and much more). All this makes spidernext SOAR the most advanced and versatile SOAR solution available.

If you have any further questions, feel free to contact our experts.