The integration of RST Cloud and Security Vision products will allow customers to use an expanded up-to-date database of indicators based on more than 260 open sources in cyber intelligence and incident management processes.
RST Cloud, a supplier of indicators of compromise, and Intellectual Security, which creates advanced Russian solutions in the field of management and automation of information security processes on the SecurityVision platform, have ensured the technological compatibility of their products. The main advantages of integration:
Now Security Vision users will receive processed data from both widely known and highly specialized unstructured sources (such as open reports on the operation of malware and gangs). Hard-to-handle sources of indicators of compromise such as Twitter, Github and Pastebin will be added to the work of SOC line operators, ensuring day-to-day relevance and the fastest possible preventive response. In addition to systematizing heterogeneous and hard-to-reach information, with the participation of the RST Cloud expertise, the Security Vision platform will be enriched with additional context with credibility and criticality assessments, which will allow more accurate and quick response decisions.
“The use of open sources of TI in the work is necessary since in fact, it gives access to a huge useful array of data on current threats. But working with open unstructured sources is hampered by the need for time-consuming data processing. It is this main task that the RST Cloud platform solves, giving its clients a processed and filtered array of data on indicators of compromise in a human-readable