Smart Monitor Modules
Core
The foundational module of SM. It coordinates the interaction of other platform modules and provides a single point of access to their functions. Includes an analytical core that implements the SML query language. Based on the SML syntax, it accesses data arrays in various repositories using Smart Monitor's universal search technology.
Incident Manager
The Incident Manager module is a functional solution for managing the lifecycle of incidents in information security, IT infrastructure, anomalous user behavior, and business process errors. The main purpose of the module is to record important events as incidents, as well as to organize the process and provide tools for managing identified incidents.
Inventory
The Inventory module allows you to create a unified database of assets (servers, workstations, network devices, information systems, cluster infrastructure objects) and users, as well as maintain this database in an up-to-date state.
Cyber Security
This module lets you view the operation of all necessary information security tools (ISTs), from both domestic and foreign vendors, in a single console. The module implements correlation mechanisms between events from different ISTs, which makes it possible to identify information security events that no single IST detects.
MITRE ATT&CK
This module allows you to apply various MITRE ATT&CK scenarios in the protected infrastructure. For example, you can assess how well techniques are covered by instrumental controls, form specialized threat models and apply them to IT landscape components, and detect potential use of techniques based on events from data sources.
UBA
This module provides mechanisms for detecting deviations in the behavior of different types of objects: users, hosts, administrators, information systems, business processes, etc. The universal scoring mechanism allows you to identify potential attackers, compromised accounts, calculate the cybersecurity index, analyze operational efficiency and work discipline, and combat fraud.
Network
The Network module is designed for thorough monitoring of network equipment and responding to possible changes in its network and configurations. The module automatically collects and analyzes data, allowing you to quickly detect a problem and fix it in a timely manner.
Servers
The Servers module aims to optimize resources and control efficiency. It monitors and analyzes server processes and resource utilization (including CPU, memory, and disk activity).
Microsoft Active Directory
This module is designed to manage core domain services and user accounts. For example, it stores information about domain administrators and local administrators, identifies accounts that have not logged in for a certain period of time, etc.
Microsoft Exchange
This module manages the operation of the main mail server services and analyzes email flow. It also allows auditing access to mailboxes, instances of mail forwarding, auto-replies, etc. Thanks to the Microsoft Exchange module, the user can easily detect and analyze anomalies in mail traffic.