Challenge

Energy sector is an attractive target for cyberattacks. A successful cyberattack on nuclear power plant could have devastating consequences. Therefore, nuclear power plants have to take measures and ensure that their information infrastructure is protected against cyber threats.

Solution

Supply, implementation and configuration of security information and event management system using AlienVault and DELL solution. Configured systems are collecting events from operating systems, hardware appliances, applications, database management systems, mass storage devices, switchboards, UPS, etc.

Services provided

  • Establishment of centralized log collection system from infrastructure components by a unified security information and event monitoring (SIEM);
  • Creation and deployment of custom correlation rules in access management, network and applications security, audit and monitoring areas;
  • Deployment of unified SIEM system;
  • Adjustment of source logs‘ parameters;
  • Normalization of source logs’ information in the SIEM system;
  • Testing of unified SIEM system;
  • Definition of reporting requirements (reports, response triggers, etc.) for SIEM system;
  • Configuration of SIEM system according to reporting requirements;
  • Training of the Client’s staff on SIEM’s calibration, administration, technical maintenance and use of its functionalities;
  • 24 month support.