INFORMATION SECURITY INCIDENT RESPONSE TOOLING ENVIRONMENT

Александр Сергеевич Белоногов
Максим Геннадьевич Будник
Андрей Витальевич Мельников

Abstract

The article examines the interaction of an open IRP system, developed by the international community, with Russian-made firewalls. Building on the functions of the "TheHive" system, functionality for blocking attacks from the external perimeter is implemented. The algorithm of the module that interacts with firewalls to prevent computer attacks is presented; the module is developed in Python, using in particular the TextFSM module. The result is an IRP system with an implemented user response function, which can serve as a technological basis for the work of a Security Operations Center (SOC).

Article Details

Section
Methods and systems of information protection, information security
Author Biographies

Александр Сергеевич Белоногов

Head of the Center for Network Technologies and Telecommunications, Ugra Research Institute of Information Technologies. 628011, Khanty-Mansiysk, Mira str., 151.

Максим Геннадьевич Будник

Head of the IT Infrastructure Development and Automation Department of the Center for Network Technologies and Telecommunications, Ugra Research Institute of Information Technologies. 628011, Khanty-Mansiysk, Mira str., 151.

Андрей Витальевич Мельников

Doctor of Technical Sciences, Professor, Director, Ugra Research Institute of Information Technologies. 628011, Khanty-Mansiysk, Mira str., 151.