- May 29, 2019
May 29, 2019 – CyberX, the IoT and industrial control system (ICS) security company, announced an Open Development Environment (ODE) designed to make it easy for organizations to secure unmanaged IoT and ICS devices running proprietary protocols.
The Horizon Protocol ODE enables customers and partners to develop, test, and deploy custom protocol dissectors for CyberX’s cybersecurity platform, without divulging proprietary information about how the protocols are designed or sharing network packet captures (PCAPs) that may contain sensitive information. Dissectors are plug-ins that decode network traffic so it can be processed by automated network analysis programs.
With Horizon, customers and partners can integrate custom dissectors into the CyberX platform and leverage an array of automated Deep Packet Inspection (DPI) services, including: asset and firmware identification; risk and vulnerability management; continuous threat monitoring using patented M2M-aware behavioral analytics; and IoT/ICS threat intelligence. The platform also provides built-in support for integrating with a wide range of security stacks used in modern SOCs (Splunk, IBM QRadar, ServiceNow, Palo Alto Networks, Cisco, HP Aruba, etc.).
Horizon addresses a challenge for securing IoT and ICS environments because equipment vendors that design proprietary protocol systems typically do not disclose their technical information to third parties. And in many critical infrastructure and industrial organizations, it’s a violation of compliance regulations or corporate policy to share sensitive network traffic information with external organizations.
Horizon also enables customers and partners to localize messages and reports into any language they choose, making CyberX accessible to organizations in any part of the world.
Additionally, Horizon is an open framework enabling customers and partners to:
- Modify text in alerts and reports to meet organizational requirements
- Customize support for standard protocols, such as when using non-standard ports
- Monitor dissectors in real-time to understand how they’re performing (memory, bandwidth, etc.) and make sure they’re working correctly