VSOC spidernext: Integration and modularity

Fully modular, it adapts to the specific needs of the companies, from small organizations to large corporations.

Monitoring the security of systems and assets

The Monitoring the security of systems and assets module provides a powerful ally in the defense of the organization and its assets, monitoring IOCs (Indicators of Compromise) and key information that allows early detection of attacks, especially APTs, even in the initial phase, at the very moment of their gestation.

It obtains information non-intrusively from hundreds of public and private sources that is processed using artificial intelligence to obtain and categorize alerts. And it can be complemented by implementing agents in the client’s infrastructure, which allow monitor the internal infrastructure and obtain alerts and security events from the protection tools.

Data Loss Prevention (DPL) detection

Data Loss Prevention (DPL) detection module carries out continuous monitoring of sources in search of information related to the organization, with the aim of locating possible information leaks or unwanted exposure of its information.

It obtains information in a non-intrusive way from a multitude of sources and categorizes them according to importance to facilitate their later identification, classification and review.

Monitorización sistemas y activos

Detecting attacks against reputation and public image

The Detecting attacks against reputation and public image module performs continuous monitoring of public sources in search of information related to the reputation of the organization.

It obtains information in a non-intrusive way from hundreds of public sources and categorizes them using artificial intelligence, according to importance to facilitate their later identification, classification and review.

Intelligence information monitoring

The Intelligence Information Monitoring module non-intrusively explores public and private sources of information in order to collect information according to the intelligence needs established by it. It is worth highlighting the ability to detect, through artificial intelligence, the presence in real time of people in images that come from video or television sources for the organization.

It obtains information in a non-intrusive way from hundreds of public sources and categorizes them using artificial intelligence, according to importance to facilitate their subsequent identification, classification and review.

Vulnerability monitoring and analysis

The vulnerability monitoring and analysis module allows you to easily carry out periodic analysis of the organization’s infrastructure and detect more than 50,000 vulnerabilities in systems, applications and available services.

This tool it is offered as an appliance or packaged in a fully configured virtual machine that can be deployed very easily in the organization’s infrastructure and, according to the requests made, it will scan the network in search of vulnerabilities, generating alerts and reports of the vulnerabilities detected, as well as the proposed solution to solve them.

Alerts and events from security tools, electronics and network devices

The Spidernext Syslog Server module allows the capture of alerts and events from the different tools and security devices implemented in the organization. It allows capturing any format of events sent through the standard UDP protocol, identifying them through correlation and Artificial Intelligence, processing them and generating alerts from these processes. It includes the ability to make calls or send instructions to third-party tools to immediately and automatically execute protection actions or processes.

Antimalware / EPPs / EDRs tool alerts

The Syslog module also has the ability to correlate, recognize and profile specific alerts provided by Antimalware / EPPs / EDRs tools. You can also receive alerts from other information leak detection or prevention solutions (DLP), Mobile Device Management (MD), Security Information and Event Management system (SIEM), Intrusion Detection Systems (IDS / IPS), etc.

Endpoint security posture monitoring and hardening

The Endpoint Security Posture Monitoring agents allow to identify and control the security tools and configurations implemented in the organization’s endpoints that are under the Windows environment.

The security posture is defined by points such as the status of the operating system updates, antivirus, system firewall, installed applications, configurations, services that are running, even established connections. This security posture can be defined remotely using Scripts defined for each group of endpoints or generally.

It includes the ability to integrate with the CCN’s CLARA tool to assess endpoint security.

Integration with SIEMs and other tools

Spidenext has the capacity for bidirectional integration with SIEMs and other security tools, allowing the reception and sending of events and alerts between applications in order to share and centralize the control and management of key information on the organization’s security.

Phishing simulation campaign

Security Management Systems such as ISO 27001, the National Security Scheme (ENS) and others, require events, incidents and the effectiveness of the security measures implemented, are measurable. Spidernext has a module that allows to obtain these metrics and KPIs in an automated way from all the information collected, from that which comes from security events to that which comes from the incidents themselves, criticality, classification, even time spent in solving them. This capacity and flexibility in the generation of metrics, provides an added value of great importance to the organization.

Phishing simulation campaign

Training and awareness should also be part of the prevention against attacks, which is why spidernext incorporates a complete Phishing simulation environment, which allows to define email models and carry out Phishing sending simulation campaigns, along with monitoring and Reporting on the actions carried out by the recipients of the emails as well as the results obtained.

Spidernext is fully integrable with other security products and solutions, and vice versa.