VSOC spidernext: Integration and modularity

Fully modular, it adapts to the specific needs of the organization, from small organizations to large corporations.

Monitoring the security of systems and assets

The Monitoring the security of systems and assets module provides a powerful ally in the defense of the organization and its assets, monitoring IOCs (Indicators of Compromise) and key information that allows early detection of attacks, especially APTs, even in the initial phase, at the very moment of their gestation.

It obtains information non-intrusively from hundreds of public and private sources that is processed using artificial intelligence to obtain and categorize alerts. And it can be complemented by implementing agents in the client’s infrastructure, which allow internal monitoring.

Data Loss Prevention (DPL) monitoring

Data Loss Prevention (DPL) monitoring module carries out continuous monitoring of sources in search of information related to the organization, with the aim of locating possible information leaks or unwanted exposure of its information.

It obtains information in a non-intrusive way from a multitude of sources and categorizes them according to importance to facilitate their later identification.

Monitorización sistemas y activos

Monitoring attacks against reputation and public image

The monitoring attacks against reputation and public image module performs continuous monitoring of public sources in search of information related to the reputation of the organization.

It obtains information in a non-intrusive way from hundreds of public sources and categorizes them using artificial intelligence, according to importance to facilitate their later identification and review.

Intelligence information monitoring

The Intelligence Information Monitoring module non-intrusively explores public and private sources of information in order to collect information according to the intelligence needs established by it.

It is worth highlighting the ability to detect, through artificial intelligence, the presence in real time of people in images that come from video or television sources.

Vulnerability monitoring and analysis

The vulnerability monitoring and analysis module allows you to easily carry out periodic analysis of the organization’s infrastructure and detect more than 50,000 vulnerabilities in systems and applications.

This tool is available on an appliance or packaged in a fully configured virtual machine that can be deployed very easily in the organization’s infrastructure and, according to the requests made, it will scan the network in search of vulnerabilities, generating alerts and reports of the vulnerabilities detected, as well as the proposed solution to solve them. It is complemented by spidernext monitoring agents.

Alerts from Firewalls, electronics and network devices

The Alerts from Firewalls, electronics and network devices module devices based on agents and APIs, allows covering the monitoring of firewalls and network devices in order to detect security events and their availability

Antimalware / EPPs / EDRs tool alerts

The Antimalware / EPPs / EDRs tools Alerts module allows spidernext to receive events from the antimalware protection tools, classifying them and generating alerts based on them.

There is integration with a multitude of antimalware tool platforms and their integration usually in a non-intrusive way, without the need to implement agents in the organization’s infrastructure.

Endpoint security posture monitoring and hardening

The Endpoint Security Posture Monitoring module allows to identify and control the security posture of the organization’s endpoints that are in a Windows environment.

The security posture is defined by points such as the status of the operating system updates, antivirus, system firewall, installed applications, services that are running, even established connections. This security posture can be defined remotely using Scripts defined for each group of endpoints or generally.

It includes the ability to integrate with the CCN’s CLARA tool to assess endpoint security.

Integration with SIEMs and other tools

Spidenext has the capacity for bidirectional integration with SIEMs and other security tools, allowing the reception and sending of events and alerts between applications in order to share and centralize the control and management of key information on the organization’s security.

Phishing simulation campaign

Training and awareness should also be part of the prevention against attacks, which is why spidernext incorporates a complete Phishing simulation environment, which allows to define email models and carry out Phishing sending simulation campaigns, along with monitoring and Reporting on the actions carried out by the recipients of the emails as well as the results obtained.

spidernext is fully integrable with other security products and solutions, and vice versa