vSOC spidernext: Integration and modularity

Fully modular, it adapts to the specific needs of the companies, from small organizations to large corporations.

Spidernext vSOC Modules

The spidernext solution is fully modular, adapting to the specific needs of each organization, from small organizations to large corporations. Only the necessary modules can be contracted according to the requirements of each organization.

Module 1:
Monitoring the security of systems and assets
Module 2:
Data Loss Prevention (DPL) detection
Module 3:
Detecting attacks against reputation and public image
Module 4:
Intelligence information monitoring
Module 5:
Vulnerability monitoring and analysis

Module 6:
Alerts and events from security equipment, electronics and network devices
Module 7:
Alerts and events from security solutions
Module 8:
Security posture monitoring and hardening of systems
Module 9:
Integration with SIEMs and other tools
Module 10:
Phishing simulation campaign

Monitoring the security of systems and assets

The Monitoring the security of systems and assets module provides a powerful ally in the defense of the organization and its assets, monitoring IOCs (Indicators of Compromise) and key information that allows early detection of attacks, especially APTs, even in the initial phase, at the very moment of their gestation.

It obtains information non-intrusively from hundreds of public and private sources that is processed using artificial intelligence to obtain and categorize alerts. And it can be complemented by implementing agents in the client’s infrastructure, which allow monitor the internal infrastructure and obtain the security posture, alerts and events of the protection solutions, the users and the systems themselves.

Data Loss Prevention (DPL) detection

Data Loss Prevention (DPL) detection module carries out continuous monitoring of sources in search of information related to the organization, with the aim of locating possible information leaks or unwanted exposure of its information.

It obtains information in a non-intrusive way from a multitude of sources and categorizes them according to importance to facilitate their later identification, classification and review.

Detecting attacks against reputation and public image

The Detecting attacks against reputation and public image module performs continuous monitoring of public sources in search of information related to the reputation of the organization.

It obtains information in a non-intrusive way from hundreds of public sources and categorizes them using artificial intelligence, according to importance to facilitate their later identification, classification and review.

Intelligence information monitoring

The Intelligence Information Monitoring module explores public and private sources of information in order to collect information according to the intelligence needs established by it. It is worth highlighting the ability to detect, through artificial intelligence, the presence in real time of people in images that come from video or television sources for the organization.

It obtains information in a non-intrusive way from public sources and categorizes them using artificial intelligence, according to importance to facilitate their subsequent identification, classification and review.

Vulnerability monitoring and analysis

The vulnerability monitoring and analysis module allows you to easily carry out periodic analysis of the organization’s infrastructure and detect more than 50,000 vulnerabilities in systems, applications and available services.

This tool it is offered as an appliance or packaged in a fully configured virtual machine that can be deployed very easily in the organization’s infrastructure and, according to the requests made, it will scan the network in search of vulnerabilities, generating alerts and reports of the vulnerabilities detected, as well as the proposed solution to solve them.

Alerts and events from security equipment, electronics and network devices

The Spidernext SOAR agent (Security Orchestration, Automation and Response) allows the capture of alerts and events from the different security devices implemented in the organization. It allows capturing LOGS or events sent through the standard UDP protocol, identifying them through correlation and Artificial Intelligence, processing them and generating alerts based on these processes. It includes the ability to interconnect, if necessary, with other third-party systems, solutions or tools, with which you can exchange information or request the execution of processes or actions to immediately deal with security events or incidents.

Alerts and events from security solutions

The Syslog module also has the ability to correlate, recognize and profile specific alerts provided by Antimalware / EPPs / EDRs tools. You can also receive alerts from other information leak detection or prevention solutions (DLP), Mobile Device Management (MD), Security Information and Event Management system (SIEM), Intrusion Detection Systems (IDS / IPS), network access control solutions (NAC), Identity and Access Management solutions (IAM), Privileged Identity Management systems (PAM), etc.

Security posture monitoring and hardening of systems

Our SOAR agents also allow the Monitoring of security posture and hardening of servers and endpoints, they allow to identify and control the security tools and configurations implemented in the organization’s systems.
The security posture is defined by points such as the status of operating system updates, antivirus, system firewall, installed applications, configurations, services that are running, even established connections, including GPOs (Security Policies) and configurations implemented on the safety of users.

Integration with SIEMs and other tools

Spidenext has the capacity for bidirectional integration with SIEMs and other security tools, allowing the reception and sending of events and alerts between applications in order to share and centralize the control and management of key information on the organization’s security.

Phishing simulation campaign

Security Management Systems (SGSI) such as ISO 27001, the National Security Scheme (ENS) and others such as NIST, PCI-DSS, GDPR, etc., require that events, incidents and the effectiveness of measures implemented, are measurable. Spidernext has a module that allows these metrics and KPIs to be obtained automatically from all the information collected, from that which comes from security events to that which emanates from the incidents themselves, including criticality, classification, even time spent in solve them. This capacity and flexibility in the generation of metrics provides an extremely important added value to the organization and facilitates compliance with the requirements of Information Security Management Systems.