SolaredINsight 6.1 – a visual analytics instrument for internal investigation of incidents

21.07.2016

SolaredINsight 6.1 – a visual analytics instrument for internal investigation of incidents

Solared Cyber Security, developer of products and services for targeted monitoring and operational management of information security, represents an updated version of the first domestic DLP system SolaredINsight 6.1.

Development of a new version of the DLP system required company's specialists to focus on further development of analytical system functionality, included in the sixth version of SolaredINsight.

A new analytical tool which is a part of SolaredINsight 6.1 is represented by a "thermal communication map", which visualizes intensity of personnel communications or traffic flows. The intensity of communications in the context of channels is coded by corresponding colors. This tool provides safety officers with the ability to quickly assess situations, determine potential risks and "hot spots". Using this tool, a security officer can build a map, related to an object or a person, providing interest.

The functionality of user control was also extended by means of analysis of workplace screenshots. Production of images of users' screens can be carried out on the basis of a schedule by pressing of a specified key sequence in an active window or a user application, for example, by pressing the PrintScreen button in the CRM window of the ERP-system or in a design application. All screenshots are now transferred to the "personal profile". The screenshots base is presented in the form of a modern gallery familiar to users for convenient display, search and visualization capabilities. It supports all types of filters, such as the name of an active application. There is also a possibility of obtaining a list of processes and applications running on a workstation at the time of capture.

Another new tool is represented by an enhanced communications map, related to information objects, containing statistics for all communications, connected with transfer and storage of data objects in a given period of time. A previously available capability, related to checking of the map of information object communications was replaced by a new version of the information map. As a result, security officers can assess the overall situation and get details on an object in just one click together with an opportunity to jump to a particular message.

The great attention was paid to the reporting system in the course of development of SolaredINsight 6.1 as in case of previous versions. Results of operation and new tools are available in reports that can be viewed in the web interface of a solution and uploaded into PDF and/or XML formats. There is also an opportunity to customize provision of report newsletters by email to all interested parties on the basis of a set schedule.

The new version continues the policy of import substitution support and gives opportunities of free software application. It significantly expands the possibility of PostgreSQL implementation, the support of which was added in 2005. In addition, mechanisms of long-term storage of large data sets were reworked and now they are non-inferior in comparison with commercial databases.

Igor Lyapunov, general director of the Solared Cyber Security company, said: "Previously, DLP systems had been purchased in order to deal with leaks of information, but in the past few years we can see a growing interest from the point of customers, related to analytical functionality that would allow us to identify cases of corporate fraud within organizations. Security personnel, working in most major Russian companies, is represented by experienced employees who use methods for analysis of personnel communications and are able to detect even the most sophisticated fraud schemes in companies. In such a way we are concentrated on development of such tools, which can provide them with necessary information in the best way. We believe that the future belongs to intelligence and identification of threats at an early stage".