INVESTIGATION OF INFORMATION SECURITY INCIDENTS RESPONSE PLATFORMS

Authors

  • Artem Olegovich Mahnev Irkutsk State Transport University
  • Nina Petrovna Dekanova Irkutsk State Transport University

Keywords:

information security, response automation system, information security incidents, information security event

Abstract

Incident management platforms help security administrators quickly identify and investigate incidents, manage their work until the point of closure, and automate incident response tasks to ensure faster resolution of identified incidents.

Incident management is a complex technology that requires skilled IT engineers and analysts to manage and support. When implementing a system, you need to understand that it is not a universal remedy for eliminating all attacks and incidents related to information security.

References

ГОСТ Р ИСО/МЭК ТО 18044-2007. Information technology. Security techniques. Information security incident management [Electronic resource]. – URL http://docs.cntd.ru/document/1200068822 (07.05.2022).

Positive Technologies. Actual cyber threats: results of 2021 [Electronic resource]. – URL https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2021/ (06.05.2022).

Bodrik A.P. Market Overview of Incident Response Platforms (IRP) in Russia. [Electronic resource]. – URL https://www.anti-malware.ru/analytics/Market_Analysis/incidentresponse-platforms -irp-in-russia/ (20.04.2022).

Jet. Sysrem Jet Signal [Electronic resource]. – URL https://jet.su/services/software-development/products/jet-signal/ (06.05.2022).

Security Vision. Система Security Vision IRP [Electronic resource]. – URL https://www.securityvision.ru/products/irp/ (06.05.2022).

R-Vision. System R-Vision Incident Response Platform [Electronic resource]. – URL https://rvision.pro/irp/ (06.05.2022).

Panasenko A. Automating incident response using scripts (playbook) using the example of R-Vision IRP [Electronic resource]. – URL https://www.anti-malware.ru/practice/methods/R-Vision-IRP (18.05.2022).

Published

2023-05-31

How to Cite

Махнев, А. О., & Деканова, Н. П. (2023). INVESTIGATION OF INFORMATION SECURITY INCIDENTS RESPONSE PLATFORMS. The Electronic Scientific Journal "Young Science of Siberia", (1(19). Retrieved from https://ojs.irgups.ru/index.php/mns/article/view/766

Issue

Section

Computer science and engineering