The Cyberx
Platform

PLUG ’N PROTECT

Perimeter firewalls and conventional ICS/SCADA defenses — including outdated notions like “air-gapping” and “security by obscurity” — are no longer sufficient to protect OT networks. Targeted attacks, sophisticated malware, and insider and trusted third-party threats require different, more specialized protection. That’s why CyberX was purpose-built for OT defense.

icon-immediate-insights

Delivers immediate insights about ICS assets, vulnerabilities, and threats — in less than an hour — without relying on rules or signatures, specialized skills, or prior knowledge of the environment.

icon-ics-aware

ICS-aware with deep embedded knowledge of OT protocols, devices, applications — and their behaviors.

icon-continuous-monitoring

Continuous monitoring and real-time alerting with minimal false positives.

icoin-known-and-zero-day

Known and zero-day threats — CyberX detects both for complete cybersecurity.

icon-passive-non-intrusive

Passive and non-intrusive — with zero impact on OT networks and devices. The CyberX appliance connects to a SPAN port or network TAP and immediately begins collecting ICS network traffic via passive (agentless) monitoring.

icon-holistic

Holistic — reduces complexity with a single unified platform for asset management, risk and vulnerability management, and threat monitoring with incident response.

icon-heterogeneous

Heterogeneous and OT vendor-agnostic — with broad support for diverse OT protocols and control system equipment from all OT vendors.

icon-integrates

Integrates with your existing SOC workflows and security stacks — including SIEMs, firewalls, security orchestration and ticketing systems, and privileged access management solutions.

icon-open-architecture

Open Architecture — built from the ground-up with a rich API.

Read more about the CyberX Platform

Download the solution brief
CYX_PlatformModel_Final

5 DISTINCT ANALYTICS ENGINES TO DETECT ANOMALIES FASTER — WITH FEWER FALSE POSITIVES

Sophisticated attacks typically use multiple techniques to compromise OT networks, easily bypassing first-generation systems that look at baseline variations alone. That’s why CyberX identifies unusual or unauthorized behavior via five distinct
analytics engines, while self-learning eliminates the need for configuring rules or signatures, specialized skills,
or prior knowledge of the OT environment.

Group 4118

BEHAVIORAL ANOMALIES

CyberX uses an innovative, patented technology called Industrial Finite State Modeling (IFSM) to quickly spot baseline deviations by modeling ICS networks as deterministic sequences of states and transitions.

Group 4121

PROTOCOL VIOLATIONS

indicating the use of packet structures and field values that violate ICS protocol specifications as defined by OT vendors. These indicate potential misuse of the OT protocol to exploit device or network vulnerabilities.

Group 4122

INDUSTRIAL MALWARE

Behaviors indicating the presence of known malware such as WannaCry and NotPetya as well as purpose-built OT malware such as TRITON and Industroyer.

Group 4119

UNUSUAL MACHINE-TO-MACHINE (M2M) COMMUNICATIONS

identified via ICS-aware heuristics such as PLCs should not typically be communicating with other PLCs.

Group 4120

OPERATIONAL ISSUES

such as intermittent connectivity indicating early signs of equipment failure.

Group 4123

SEE HOW WE’RE DIFFERENT

Learn More

platform-featured-resource@2x
 FEATURED RESOURCE

OT SECURITY IS NOT IT SECURITY

Unlike IT security tools, our OT-specific security platform:

  • Leverages a deep understanding of industrial protocols (DNP3, ICCP, IEC104, IEC61850, OPC, etc.)
  • Incorporates ICS-aware behavioral analytics and threat intelligence — for faster anomaly detection with fewer false positives
  • Provides ICS-aware asset discovery and vulnerability management supporting diverse vendors (Rockwell Automation, Schneider Electric, Siemens, GE, etc.)
  • Uses agentless, non-invasive technology with zero impact on your production network and is easily deployed as either a virtual or physical appliance.
Read More

Primary Use Cases

Every organization is at a different stage in their OT cybersecurity maturity. Just as adversaries are becoming increasingly sophisticated, organizations are also continually challenged to up their game. CyberX enables you to easily adopt new capabilities to match your organizational readiness.

Asset Management

You can’t protect what you don’t know about. CyberX auto-discovers your OT network topology and provides detailed information about all your assets including device type, manufacturer, model, serial number, firmware revision, open ports, etc.
LEARN MORE

Risk & Vulnerability Management

CyberX provides an objective risk score for your overall OT environment along with actionable mitigation recommendations — prioritized by risk — at both the device and network layers.
LEARN MORE

Threat Detection & Response

Using five distinct, ICS-aware self-learning analytics engines, CyberX continuously monitors your OT network to detect threats such as targeted attacks, malware, and insider & trusted third-party threats.
LEARN MORE

SOC Integration

A unified IT/OT security strategy is the optimal way to manage your overall digital risk. CyberX integrates natively with your existing security stack to OT-enable your SOC with real-time visibility into OT assets, vulnerabilities, and threats.
LEARN MORE

Centralized Management

CyberX’s scalable architecture enables centralized visibility and control across multiple tiers in the organization, giving you a unified view of OT assets and risk across all your sites worldwide.
LEARN MORE

Advanced Use Cases