The Cyberx
Platform
PLUG ’N PROTECT
Perimeter firewalls and conventional ICS/SCADA defenses — including outdated notions like “air-gapping” and “security by obscurity” — are no longer sufficient to protect IoT and ICS networks. Targeted attacks, sophisticated malware, and insider and trusted third-party threats require different, more specialized protection. That’s why CyberX was purpose-built for IoT and ICS defense.
Delivers immediate insights about IoT/ICS assets, vulnerabilities, and threats — in less than an hour — without relying on rules or signatures, specialized skills, or prior knowledge of the environment.
IoT/ICS-aware with deep embedded knowledge of IoT and ICS protocols, devices, vulnerabilities, applications — and their behaviors.
Continuous monitoring and real-time alerting with minimal false positives.
Known and zero-day threats — CyberX detects both for complete cybersecurity.
Passive and non-intrusive — with zero impact on IoT/ICS networks and devices. The CyberX appliance (virtual or physical) connects to a SPAN port or network TAP and immediately begins collecting IoT/ICS network traffic via passive (agentless) monitoring.
Holistic — reduces complexity with a single unified platform for asset management, risk and vulnerability management, and threat monitoring with incident response.
Heterogeneous and OT vendor-agnostic — with broad support for diverse IoT/ICS protocols and control system equipment from all IoT/ICS vendors.
Integrates with your existing SOC workflows and IT security stacks — including SIEMs, SOAR, ticketing, CMDB, firewalls, NAC, and privileged access management solutions.
Open Architecture — built from the ground-up with a rich API.
Read more about the CyberX Platform
5 DISTINCT ANALYTICS ENGINES TO DETECT ANOMALIES FASTER — WITH FEWER FALSE POSITIVES
Sophisticated attacks typically use multiple techniques to compromise OT networks, easily bypassing first-generation systems that look at baseline variations alone. That’s why CyberX identifies unusual or unauthorized behavior via five distinct
analytics engines, while self-learning eliminates the need for configuring rules or signatures, specialized skills,
or prior knowledge of the OT environment.
BEHAVIORAL ANOMALIES
CyberX uses an innovative, patented technology called Industrial Finite State Modeling (IFSM) to spot unauthorized or unusual behavior by modeling IoT/ICS networks as deterministic sequences of states and transitions. Unique in the industry, this delivers faster and more accurate threat detection with a minimal learning period compared to generic algorithms developed for IT networks, which are primarily non-deterministic.
PROTOCOL VIOLATIONS
indicating the use of packet structures and field values that violate IoT/ICS protocol specifications as defined by equipment vendors. These indicate potential misuse or abuse of the IoT/ICS protocol to exploit device or network vulnerabilities.
MALWARE
Behaviors indicating the presence of known malware such as EternalBlue as well as purpose-built IoT/ICS malware such as TRITON and Industroyer.
UNUSUAL MACHINE-TO-MACHINE (M2M) COMMUNICATIONS
identified via IoT/ICS-aware heuristics such as PLCs should not typically be communicating with other PLCs.
OPERATIONAL ISSUES
such as intermittent connectivity indicating early signs of equipment failure.
SEE HOW WE’RE DIFFERENT
FEATURED RESOURCE
IoT AND ICS SECURITY IS NOT IT SECURITY
Unlike IT security tools, our OT-specific security platform:
- Leverages a deep understanding of industrial protocols (DNP3, ICCP, IEC104, IEC61850, OPC, etc.)
- Incorporates ICS-aware behavioral analytics and threat intelligence — for faster anomaly detection with fewer false positives
- Provides ICS-aware asset discovery and vulnerability management supporting diverse vendors (Rockwell Automation, Schneider Electric, Siemens, GE, etc.)
- Uses agentless, non-invasive technology with zero impact on your production network and is easily deployed as either a virtual or physical appliance.
