CyberX ICS Threat Monitoring App for IBM QRadar
- A unified approach to IT and OT security in the corporate SOC.
- Tighter collaboration between IT and OT teams.
- CISOs to build upon SOC investments they’ve already made in people, workflows, and technology.
- Deep visibility into specialized ICS protocols, devices, and threats, along with ICS-specific behavioral analytics to rapidly detect suspicious or anomalous behavior.
Key use cases
- Unified timeline view of all real-time ICS alerts, filtered according to five different analytics engines: cyber anomalies, known malware, protocol violations, operational anomalies, and policy violations.
- Granular integration of alerts with IBM QRadar. Users can choose which alerts appear in QRadar based on severity level, analytics engine, and protocol type (MODBUS, GE SRTP, Siemens S7, etc.).
- Correlation of CyberX alerts with other IBM QRadar intelligence sources, including analytics and logs collected from IT and OT systems, firewalls, and other devices.
About the CyberX OT Security Platform
Developed by military cyber experts with nation-state expertise defending critical infrastructure, the CyberX platform delivers continuous ICS threat monitoring and asset discovery. It combines an embedded understanding of industrial devices, protocols, and applications with ICS-specific anomaly detection based on proprietary self-learning algorithms, as well as ICS-specific threat intelligence, risk and vulnerability assessments, and automated threat modeling.
To download the CyberX ICS Threat Monitor App, visit the IBM Security App Exchange.
To learn more about the convergence of OT, IT and IIoT security in the corporate SOC, view the webinar by SANS and CyberX.