A project to create a security information and event management system based on MaxPatrol SIEM has been completed at Sinarsky Pipe Plant (SinTZ), which is part of Pipe Metallurgical Company (TMK).
The MaxPatrol SIEM (Security Information and Event Management) system from Positive Technologies was implemented at the enterprise over three months. Specialists from Ural Security System Center (USSC) and SinTZ set up monitoring of information security events on more than 200 assets, including Windows, Linux ASO servers, network firewalls and information security software.
As part of the project, the SIEM system was integrated with MaxPatrol 8, the system for monitoring information security and compliance with standards; network traffic monitoring was configured; and the built-in correlation rules were adapted to the plant's information infrastructure. In addition to the basic MaxPatrol SIEM package, a regularly updated database of information security threats, USSC specialists developed expert content that takes into account the specifics of SinTZ's business.

"The switch to a new level of protection against cyber threats is especially relevant now, when all TMK production facilities are digitalized. Due to the professionalism and well-coordinated work of USSC and SinTZ specialists, the SIEM system implementation project was completed at a high level within a short time. The system makes it possible to record incidents in near real time and prevent information security threats; it significantly increases the reliability not only of the IT infrastructure but of production equipment as well," Vyacheslav Gagarinov, Managing Director of SinTZ, said.
"A security information and event management system is usually required by large, economically mature companies in whose IT infrastructure millions of events are generated daily. The implementation of a SIEM system at Sinarsky Pipe Plant is an important stage for the enterprise, and it makes it possible to develop an integrated information security system," Valentin Bogdanov, General Director of USSC, said.
"MaxPatrol SIEM includes what a company with a distributed IT infrastructure requires: the product is constantly updated with the growing knowledge of Positive Technologies experts on how to detect current threats, and at the same time it is easily adapted to the protected network. And due to the combination of MaxPatrol SIEM capabilities with MaxPatrol 8, which was already in use at SinTZ, the enterprise has further strengthened its protection; it can now assess its level of security comprehensively and respond to modern threats in time," Dmitry Sivokon, Director of the Positive Technologies Regional Sales Department, said.
