We are pleased to announce the launch of a special campaign dedicated to Children's Day! Our company offers an express pentest of your infrastructure for only 50,000 tenge. The duration of the pentest is 1 week. As part of this promotion, we guarantee the confidentiality and security of the work carried out.

The test result will be a detailed report with identified vulnerabilities and recommendations for their elimination. To use our service, you must send a request by e-mail info@cyberbits.ru , fill out the questionnaire, sign the contract and the NDA.

The promotion is held until August 31. Do not miss the opportunity to ensure the safety of your business and help children in need of support. The funds received will be used to help children.

*Enterprises of any form of ownership, financial organizations, as well as companies with at least 500 computers can participate in the action.

Submit an application

At the moment, the IB project teams include engineers, analysts, technical writers, as well as information security project managers. Our project teams include information security specialists with knowledge and practical skills, confirmed by both state-issued diplomas and certificates of recognized international standards in the field of information security: CISA, CISM, CGEIT, OSCP, CEH, OSWE.

The company's core areas are:

• Protection of personal data information systems. Certification of the information system.
• Protection of critical information infrastructure facilities.
• Conducting penetration testing (security analysis).

Solutions for creating a closed cycle of information security in an organization:

• Information security audit, as well as the development of "roadmaps" for the development of information security to build your own SOC.
• Designing and creating processes for working with the SIEM system. Creation of a single monitoring center using data obtained from different SIEM systems.
• Cyberpolygon and Security Awareness (SA) solutions allow you to fulfill the training requirements of the personnel of a significant facility.
• We take into account the specifics and requirements of organizations, therefore, we offer solutions that can be deployed both in the cloud and inside the controlled area of your organization with the possibility of updating without using the global Internet.

Our engineers have experience in designing and implementing such information security tools as: Secret Net Studio, EZ "Sobol", APC "Continent", vGate, Dallas Lock, ViPNet HW, ViPNet Client, S-Terra, MaxPatrol SIEM, MaxPatrol 8, XSpider, PT Application Firewall, PT ISIM, KES, KICS, InfoWatch Traffic Monitor, Device Lock, R-Vision IRP, Cyberpolygon, Fortinet, Check Point, Imperva WAF & DAM, Micro Focus ArcSight, Splunk, Cisco ASA, etc.

The high level of our competencies is confirmed by a large number of successfully implemented information security projects, specialized education, additional training and the presence of our specialists with academic degrees in information security, numerous publications, as well as presentations at conferences and webinars.

Very soon, the IB Code will arrive in St. Petersburg on April 18 📍 LENPOLIGRAFMASH Congress Center. 3 Medikov Ave., building 5

The IB Code conferences provide an opportunity to share experiences, learn about new technologies and discuss current topics and tasks in the field of cybersecurity with the best specialists from different parts of the country.

🔹At the introductory discussion "Technologies. Processes. People." we will discuss the landscape of threats, personal data leaks, interaction with business, improving the culture of information security, etc.

🔹We will hold a dialogue with the regulator and receive clarifications on current issues from representatives of government agencies

🔹The sessions "Technologies" and "Experience" will give participants the opportunity to study the experience of IB market players and find solutions suitable for their company, as well as following the results of the master class, we analyze the participants' questions in a dialogue format.

🔹The conference program includes not only expert presentations, but also staff cyber training under the guidance of experienced specialists, where participants will analyze an approximate scenario of exercises, strategies and tactics of intruders, think over in detail the sequence of response and elimination of consequences of an organized attack on a virtual (fictional) organization.

🔹And after the official part, they are waiting for us:

— informal dinner,

— round table with students,

— excursion program.

Do not miss the opportunity to immerse yourself in the world of information security, communicate with colleagues on the shop floor and update your knowledge.

💥Join us!

Spacebit has expanded the functionality of the X-Config system to manage software configuration vulnerabilities

Spacebit, a Russian developer of information security solutions, has updated the vulnerability management system for X-Config software configurations. The new version has expanded the possibilities for authentication in the serviced resources and improved the convenience of working with reports.

Significant changes have affected the implementation of authentication in the resources controlled by X-Config. You can now access protected Linux-based resources without using a password, using an SSH key. As part of the system implementation projects, depending on the customer's needs, other modern authentication methods are also supported, which will be available out of the box in future releases.

Multiple authentication is implemented to access the application software settings. In the X-Config interface, when configuring connection properties to serviced resources, various types of software binding are now available (to the operating system, to databases, etc.), which has made it more convenient to organize checks of application software that requires its own authentication, other than authentication on the platform. The vendor plans to expand this functionality. In particular, the verification of a group of entities of the same type located on the same resource, for example, several database instances, will be optimized.

Analysis of vulnerability reports in the new version of X-Config has become more accessible and convenient for information security specialists. Reports in Microsoft Word format are now uploaded not to a single file, but to an archive that contains general verification statistics and separate files with detailed reports for each scanned resource. In the future, new types of reporting will be available to users, for example, on the delta of changes between reports, and they can be uploaded in CSV format. For more information and clarity, it is planned to develop a dashboard with the possibility of retrospective analysis of statistics.

Spacebit is actively working on automating additional elements of the software configuration security control process. At the stage of inventory of the IT infrastructure, X-Config began to automatically determine the type of resource being serviced (Windows/Linux), which significantly reduces the number of manual actions of responsible information security specialists. The next step is to automate the application of secure settings, as well as adding a number of filters to form dynamic resource groups.