The TssT Tecninf Security Smart Tool was created under the growing pressure of the worldwide diffusion of the cyber attack surface, as well as the urgent need to have an Italian product of IT security, completely created and developed by a team of Italian cybersecurity experts.
In addition, the TssT gives maximum capacity for action to CISOs, in their daily activity of repression of cybercrime and to security analysts, by enhancing analysis skills. Furthermore, it supports SOC (Security Operation Centers) in the daily monitoring of the cybersecurity landscape.
TECNINF SECURITY SMART TOOL
TssT is a specialized product to work in complete affinity with SIEM systems, a specialized product to perform SOAR automation functions.
It is composed of a set of vertical cybersecurity features, able to protect an infrastructure no longer passively or reactively, but actively.
DASHBOARD / AGENT INFRASTRUCTURE
The TssT is based on a Dashboard / Agent infrastructure system.
The software is installed on Debian OS and Docker containers, which perform some vital functions. All this gives the feature of extreme portability to its core engine, even on a Windows based system.
Developed using the Java Spring Boot and React framework, it uses an API layer and a set of open-source and paid sources to intercept global attacks.
It is able to detect news about cyber attacks worldwide, reporting the description of the indicators of compromise (IOC).
Furthermore, there is a filter to highlight only the news detected by the TECNINF Intelligence Group (TIG).
In the module there is an option to get Italian news.
News can be sent to a customer list or to the supply chain by email.
The news is collected from paid open source sources.
The Threat Map module displays world attacks by indicating the progress of the cyber attack on the world map, categorizing it, and geolocating the event path from source target to destination.
It is the core module of TssT, it allows you to actively defend the infrastructure by counterattacking the targets detected as attackers.
The module consists of several phases:
It allows you to run Malware Analysis in two ways:
It is the module for intercepting anomalous devices in the protected infrastructure. Through a monitoring script it detects and analyzes the rouge device, putting it in the black list.
In addition, it alarms the control structures, and blocks the device on the perimeter firewalls and on the IPS probes of the protected infrastructure.
It is able to remotely install the TssT agent, directly from the agent dashboard repository, without manual intervention.
The module uses the Openvas open source framework to scan targets for known vulnerabilities.
The module makes use of the open source Zabbix framework, to detect the performance of the type of band used in the network, or by individual clients.
TROUBLE TICKET (TT)
Allows you to open a support TT directly from the dashboard, the TT will be automatically taken over by the Tecninf specialized assistance technicians.