YCDR (Yandex Cloud Detection and Response) clients will be able to delegate security incident monitoring and response, initially in the cloud and later in hybrid/multi-cloud infrastructures.
YCDR is developed on the basis of Yandex Cloud's proprietary information security incident monitoring and response center and combines expert analysis that takes into account the specifics of cloud attacks, behavioral analytics, and automation of routine actions using AI technologies.
The team actively uses its own SIEM system (which combines SIM, Security Information Management, and SEM, Security Event Management), Security Data Lake big data analysis tools, and reputation information, including that collected by Yandex Cloud services.
Applications are now being accepted for participation in the YCDR pilot program.
Evgeny Sidorov, Director of Information Security at Yandex Cloud, said:
Over the past year, Yandex Cloud has increased the number of security specialists to 130. Now, the information security team not only ensures the security of the cloud platform, but also develops protection tools for business, including its SOC as a service (SOCaaS). In the future, the service will protect both the cloud environment and the local infrastructure of clients.