Smiddle Security Administration Platform

A software solution for information and cybersecurity that increases the effectiveness of security systems
and takes them to a new level by prioritizing the enrichment of critical indicators of compromise

 

Request a demo

The Smiddle Security Administration Platform (SSAP) software solution is a modular integration subsystem designed to scale and increase the effectiveness of the Security Operations Center (SOC) through the timely enrichment of cyber security systems. SSAP allows you to adjust the load and make more efficient use of firewalls (for example, Cisco FirePOWER) by setting the rules for generating compromise indicator ratings for priority system enrichment.

Synchronizing the SSAP solution with MISP (Malware Information Sharing Platform) provides efficient data exchange and allows firewalls and other corporate security systems to be enriched in time to respond to cyber threats.

 

The user of the MISP platform, depending on their access rights, is able to:

  • Configure the rules for storing downloaded IOCs;
  • Configure the rules for the exchange of IOCs between the MISP servers included in the integration.

The SSAP interface has a differentiation system for access rights and levels. An administrative user can restrict operator access to certain functions or modules.

 
SECURITY AGGREGATION MODULE (SAM)
Control of compromise indicators
  • Display of the IOC indicators currently loaded into the system, structured by categories and criteria;
  • Connection of third-party validators;
  • Display of the IOC indicators that were not rejected at the preprocessing stage;
  • Creation, export, and import of Whitelists;
  • Correlation according to the Whitelists;
  • Export to MISP of the IOC indicators that were not rejected at the post-processing stage and were correlated according to the Whitelists;
  • Download of all IOCs by a specified malicious code or a hacker company from the specified URL;
  • Setting up IOC validation methods by criteria of entering other sources and of cleaning IOC from garbage values;
  • Display of the IOC indicators defined by certain metrics, marking by categories;
  • System configuration.
SECURITY DISTRIBUTION MODULE (SDM)
Intelligent Firewall Enrichment
  • Subscription management;
  • User profile management;
  • Generating the rules for import of IOC from MISP according to the criteria of the user's system, for example, relevance, timestamp and indicator type;
  • Configuring permanent links to download IOC by selected criteria;
  • Display of hit statistics in a general context and according to the rules for import of IOC loaded into the corresponding MISP.
SECURITY INVENTORY MODULE (SIM)
Endpoint analytics processing
  • Queries of firewall systems regarding the validity of licenses, subscriptions, and downloaded lists of TID (Threat Intelligence Director);
  • Display of the statistics regarding the relevance of the rules implemented in firewall systems;
  • Receiving notifications of the end of a license or subscription.

MAIN FUNCTIONALITY OF THE SSAP SOLUTION

  • Flexible IOC import management
  • IOC marking by user criteria
  • Analysis and cross-validation of IOC according to administrator-defined rules
  • Effective optimization of compromise indicators from the MISP platform
  • Correlation of indicators of compromise according to Whitelists
  • Generation of statistics on the relevance of implemented rules
  • Control over the relevance of the license/subscription, notification of termination
  • System of differentiation of rights and levels of access to individual functions or modules
  • Load optimization and efficient use of firewalls
  • Loading IOC indicators from a local resource (Ad Hoc Input)

 

Smiddle Security Administration Platform is a modern solution for the effective protection of information from external cyberthreats.

Contact us now to learn more about the solution!
