Best IT Security Software for Yandex Cloud

The service filters out bots without affecting response time. We use ML models that are trained on datasets with data from many years of experience protecting Yandex's web resources. The datasets are updated regularly. The service generates images independently and does not use pre-made images. This allows it to maintain a human recognition rate of 85% while making it harder for bots to recognise the CAPTCHA. SmartCaptcha runs on the Yandex Cloud, which is compliant with international standards and Russian laws regarding information security. Verify your website without the "I am not a bot" button. Only users who make requests that look suspicious will see the invisible captcha. You can select the level of complexity for the texts that are generated by the service.

Protect your secrets, sensitive data, and personal information in the cloud with keys. Create and delete key, set access policies, perform rotation via the Management Console, CLI or API. Yandex KMS supports both symmetric and asymetric cryptography. Use the REST API or RPC to encrypt, decrypt, and sign data using eSignature schemes. Yandex KMS manages access to encrypted data while you control the physical security and reliability of keys. Hardware Security Modules are available. SDKs in Java or Go can be used to encrypt small amounts. The service integrates popular encryption libraries such as the AWS EncryptionSDK and Google Tink to encrypt large amounts of data. Yandex Lockbox integration allows you to encrypt secret data with your own keys. Managed Service for Kubernetes also allows you to protect secrets and data using encryption keys.

Create secrets using the API or the management console. Your secrets are stored safely in one place and can be easily integrated with cloud services. They are also accessible by external systems via the gRPC API or REST API. Yandex Key Management Service can be used to encrypt your secrets. Secrets are only kept in encrypted form. You can select from pre-configured roles to gain granular access. Set access permissions for reading or managing your secret or its metadata. Create a secret and select a Key Management Service key to securely store your login and password pairs and other sensitive data. A secret can contain any confidential information you have, such as a login-password pair. A login-password combination, server certificate keys or cloud service account key. The service can store multiple versions of data for each secret. This data is stored in an encrypted form by the service. All secrets are replicated across three availability zones.

DDoS Protection can be enabled with a single-click: simply tick the DDoS Protection checkbox when creating a VM and reserving IP addresses for public use. Continuous monitoring allows determining the traffic profile for each resource, and detecting DDoS attacks in almost real-time. To use the service you must tick DDoS Protection when creating your virtual machine or reserving IP addresses. Yandex DDoS Protection filters internet traffic to protected addresses, even when no DDoS attacks are underway, and clears the data at OSI Layers 3 or 4. DDoS protection can be applied to the public IP addresses for VMs and network balancers as well as database hosts.

Load Balancer relies on technologies that run at Layer 4 of OSI. This allows you to process network packets quickly. Load balancers monitor cloud resources and you can set rules for TCP/HTTP checks. Resources that fail to pass the check will not be used. You pay for both the number of load-balancers and the volume of incoming traffic. Outgoing traffic is charged at the same rate as other Yandex Cloud Services. Load balancers are designed to distribute load based upon the client's address and port, network protocol, and resource availability. The load balancer will adjust automatically if the instance group parameters, or members, change. Load balancers do not need to be reconfigured when traffic changes suddenly.

Application Load Balancing runs on OSI Layer 7 and uses HTTP request attributes to form or modify HTTP response. The load balancer logs all requests made to your apps, allowing you to analyze the events. Distribute cloud resources across multiple geographically dispersed availability zones and maintain the availability of your applications even if a zone becomes unavailable. Configure different load balancers if you are using the Yandex Cloud infrastructure for multiple applications. Create new backends to support new app versions. Then, in the HTTP router change the weight between the old and the new backends.

The service aggregates data collected during runtime from different resources to create a log group. Use log groups that are pre-configured or create new ones to suit specific services and applications. Filter entries using queries. Cloud Logging allows you to search by parameters or JSON parameters. Cloud Logging stores, processes and collects logs up to 31-days. Each log group is assigned a separate data storage space. Roles can be used to configure read-only and write-only access. Add data from Cloud Logging as well as diagnostic information from other integrated systems to Grafana in one dashboard.