SMIDDLE SECURITY ADMINISTRATION PLATFORM

The Smiddle Security Administration Platform (SSAP) software solution is a modular integration subsystem designed to scale and increase the effectiveness of the Security Operations Center (SOC) through the timely enrichment of cyber security systems. SSAP allows you to adjust the load and make more efficient use of firewalls (for example, Cisco FirePOWER) by setting the rules for generating compromise indicator ratings for priority system enrichment.

In order to efficiently exchange data, synchronizing the SSAP solution and the MISP (Malware Information Sharing Platform) allows you to efficiently enrich firewalls and other corporate security systems for timely response to cyber threats.

The user of the MISP platform, depending on his access rights, is able to:

Configure the rules for storing downloaded by IOC

Configure the rules for the exchange of IOC between the MISP servers included in the integration.

The SSAP interface has a differentiation system for access rights and levels. An administrative user can restrict operator access to certain functions or modules.

SMIDDLE SECURITY ADMINISTRATION PLATFORM

Aggregation
Module (SAM)

Distribution
Module (SDM)

Inventory
Module (SIM)

Security Aggregation Module (SAM)
Control of compromize indicators Security

Display of the IOC indicators currently loaded into the system, structured by categories and criteria;
Connection of third-party validators;
Display of the IOC indicators, which were not rejected at the preprocessing stage;
Creation, export, and import of Whitelists;
Correlation according to the Whitelists;
Export of the IOC indicators, which were not rejected at the post-processing stage and were correlated according to the Whitelists, to MISP;
Download of all IOCs by a specified malicious code or a hacker company from the specified URL;
Setting up IOC validation methods by criteria of entering other sources and of cleaning IOC from garbage values;
Display of the IOC indicators defined by certain metrics, marking by categories;
System configuration.

SECURITY DISTRIBUTION MODULE (SDM)
Intelligent Firewall Enrichment

Subscription management;
User profile management;
Generating the rules for import of IOC from MISP according to the criteria of the user's system, for example, relevance, timestamp and indicator type;
Configuring permanent links to download IOC by selected criteria;
Display of hit statistics in a general context and according to the rules for import of IOC loaded into the corresponding MISP.

SECURITY INVENTORY MODULE (SIM)
Endpoint analytics processing

Queries of firewall systems regarding the validity of licenses, subscriptions, downloaded lists of TID (Threat Intelligence Director).
Display of the statistics regarding the relevance of the rules implemented in firewall systems;
Receiving notification of the end of a license, subscription.

Request a demo

MAIN FUNCTIONAL SSAP SOLUTION

Flexible IOC Import Management
IOC marking by user criteria
Analysis and cross-validation of IOC according to administrator-defined rules
Effective optimization of compromise indicators from the MISP platform
Correlation of indicators of compromise according to White lists
Generation of statistics on the relevance of implemented rules
Control over the relevance of the license/subscription, notification of termination
System of differentiation of rights and levels of access to individual functions or modules
Load optimization and efficient use of firewalls
Loading IOC indicators from a local resource (Ad Hoc Input)

Smiddle Security Administration Platform – a modern solution for the effective protection of information from external cyberthreats.

Request a demo