Detect Anomalies to Sound the Alert
ICS CyberVision learns to detect abnormal behaviors in order to adapt to any situation and alert you even in the event of an unknown attack
If an attacker succeeds in getting through your firewalls and is not detected by your anti-virus system, he will be able to infiltrate your industrial control system to modify controller programming, change the set points and the parameters, and modify your processes. Detecting an OT attack requires the modeling of your infrastructure and your processes in order to automatically identify any deviation.
ICS CyberVision uses a Machine Learning algorithm to automatically discover the way your industrial infrastructure operates normally. Over time, it learns all the legitimate behaviors in order to be able to detect an abnormal event instantly. In this way you can detect the warning signs of an attack and create alarms to cover all scenarios.
ICS CyberVision learns to classify detected events as legitimate or malicious
Its anomaly detection mechanism adapts to your operational imperatives, becoming more and more accurate to eliminate false positives and alert you intelligently.
With its Machine Learning algorithm, ICS CyberVision creates baselines that define the reference behaviors of your infrastructure
You can create your own baselines to model each behavior of your production infrastructure and set rules that will trigger alerts. For example, to check that procedures are being respected or to be informed when remote access is used.
ICS CyberVision compares each event with the established baselines to detect abnormal behaviors and alert you even in the event of an unknown attack or simply if a device is defective or misconfigured
Customizable views will alert you by displaying anomalies in a universal language that shows the impact of each message on your process. You will immediately understand what is happening and you can take action before it’s too late.