Detect Anomalies and Intrusions
To secure your industrial network, you need to take a holistic approach. ICS CyberVision combines protocol analysis, intrusion detection and behavioral analysis to detect any attack tactic.
An attack on an Industrial Control System is always the result of an intrusion followed by a long period of maturation, during which the cyber criminal moves through your network to find a security breach. He will then modify controller programs, change the set points and the parameters, and modify your processes.
To detect an OT attack with certainty, ICS CyberVision offers a variety of mechanisms: intrusion detection, behavioral analysis to identify the slightest deviation from normality, protocol decoding to check variables and instructions, etc. You can now detect the warning signs of an attack and create alarms covering all scenarios.
Capitalize on the huge database of attack signatures to immediately identify known threats
The ICS CyberVision Intrusion Detection System (IDS) uses the thousands of signatures available to alert you when a known malicious behavior is identified: lateral movement, malware infection, denial of service, C2 callback, etc. Add your own signatures and those developed by Sentryo specifically to detect OT threats identified by Sentryo Lab researchers.
Analyse each event to detect abnormal behaviors and identify unknown attacks or faulty devices
ICS CyberVision lets you create baselines to model each behavior of your production infrastructure and set rules that will trigger alerts on the slightest deviation, such as a change to PLC variables, use of remote access or improper configuration of equipment. Anomalies are presented in a universal language that shows their impact on your process.
Eliminate false positives to generate alerts that can automate responses
With its Machine Learning mechanism, ICS CyberVision learns to classify the events it detects as legitimate or malicious, making anomaly detection even more accurate. The Sentryo Lab researchers also develop artificial intelligence and deep learning algorithms to automatically analyze the vast amount of data generated by your industrial network and adapt to your operational requirements (a machine replacement must not generate alarms) to alert you intelligently.