RST Cloud and SAF Systems Alliance

RST Cloud and SAF Systems Announce Technology Alliance

News

The other day, Enterprise Security published an article about the RST Cloud and SAF Systems technology alliance.

The collaboration will integrate RST Cloud’s Threat Feed and Report Hub products into our Search Anywhere Framework (SAF) solution, enabling enhances incident detection, facilitates efficient incident triage, and reinforces incident response capabilities.

We have joined forces to promote cybersecurity standards in the modern digital world. Our goal is to improve incident detection and to increase the effectiveness of measures to combat the ever-changing challenges of cybersecurity.

Yury Sergeev

CEO of RST Cloud

“The ability to bring CTI data into SAF and access it in real-time empowers the cybersecurity features of the platform.

It significantly optimises the workflow of SOC analysts by saving valuable time and streamlining the decision-making process as now they do not need to switch between different screens and can access the required TI data within the SAF UI. Also, it enhances the quality of response to cybersecurity incidents by providing actionable insights in real-time.”

Alexander Skakunov

SAF Systems founder,
managing partner

"This integration allows us to enable our platform with CTI services in an efficient and user-friendly manner, ultimately enhancing the security posture of organisations.

Among the innovative scenarios currently being explored is Threat Hunting, designed to maximise the utilisation of RST Cloud's data within the SAF platform. This partnership aims to harness the full potential of CTI data.”

useful resources

Threat Intelligence

Welcome to Threat Intelligence Module

News

Threat Intelligence Module

The Threat Intelligence Module of the SAF is a tool that collects, analyzes, and provides information about various types of cyber threats and is actively used to ensure the security of information systems.

The module:

allows for the detection of threats before they actively impact the system through constant monitoring of various data sources;
conducts in-depth analysis of threats, including their characteristics, methods of propagation, targets, and other related information;
automates the process of collecting and analyzing threat information, significantly simplifying and speeding up the process of threat detection and response;
constantly updates its threat database to stay informed about the latest trends and attack methods;

In summary, Threat Intelligence module is an important tool for ensuring the security of your systems. It helps prevent attacks, detect threats at early stages, and develop effective defense strategies.

Integration with RSTCloud

We can provide integration with various TI providers to obtain IoCs (Indicators of Compromise), which will be used within SAF for analysis. Recently, we integrated with one of the TI providers — RST Cloud. In particular, with their RST Threat Feed and RST Report hub systems.

RST Threat Feed collects factual knowledge about threats from various TI sources. It normalizes, filters, enriches, and evaluates the data, and then integrates it into the system.

Read More
RST Report hub allows for the automation of threat report processing and provides access to historical threat reports, even if they have been deleted or become unavailable elsewhere.

Read More

Updates about these reports are integrated into SAF. This way, the SOC operator can quickly and promptly access summary reports about the detected issue directly in the interface.

Examples

Example of Threat Feed Summary

Example of Search Reports

Example of Summary Reports