- February 09, 2016
February 9, 2016 - Indegy introduces industrial cyber security platform that eliminates operational blind spots by detecting changes to controllers regardless of whether they are performed over the network, locally on the device, by malware, or a human being.
By detecting logic changes to controllers that manage power grids, gas pipelines and manufacturing facilities, it provides advanced protection against cyber attacks, insider threats and unauthorized modifications.
To gain the visibility needed to detect and respond to unauthorized ICS changes, control-layer activity must be monitored. This includes modifications to controller logic, configurations, firmware downloads and any variations in controller state. However, industrial networks were designed before cyber threats existed, so they lack security controls common in IT infrastructures. More importantly, ICS technologies use proprietary, undocumented protocols to modify controller settings. This prevents engineers and security personnel from detecting control-layer activity, since they can only monitor process parameter changes performed over known protocols like MODBUS or DNP3.
It automatically discovers all controllers on ICS networks and routinely validates their logic, firmware version and configuration to identify any unauthorized or unintended changes. Indegy also monitors and logs all network activity including instructions sent to controllers such as modifying the temperature, pressure, rotation speed, etc. of operational equipment.
To enable industrial engineers and security staff to quickly pinpoint operational problems and respond to cyber attacks, insider threats and human error, the Indegy platform generates policy-based real-time security alerts. Indegy also assists engineering personnel with built-in applications for asset management, configuration control, backup and recovery. In addition, comprehensive reports allow facilities operators to demonstrate compliance with various regulations. Delivered as a turn-key network appliance, the Indegy platform is agentless, non-intrusive and deploys without disrupting operations. It supports seamless integration with third party software including SIEM, configuration management databases (CMDB) and other applications through an easy to use RESTFul API.