CyberX ICS Threat Monitoring App for IBM QRadar

CyberX is the first ICS security provider to offer richer integration with IBM QRadar that goes beyond the simple Syslog integration provided by other ICS security vendors. The CyberX ICS Threat Monitoring App enables:

  • A unified approach to IT and OT security in the corporate SOC.
  • Tighter collaboration between IT and OT teams.
  • CISOs to build upon SOC investments they’ve already made in people, workflows, and technology.
  • Deep visibility into specialized ICS protocols, devices, and threats, along with ICS-specific behavioral analytics to rapidly detect suspicious or anomalous behavior.

IBM QRadar screenshot showing the depth of ICS threat information obtained from the CyberX platform, and how it appears to SOC analysts with CyberX’s new ICS Threat Monitoring App for QRadar.

Key use cases

  • Unified timeline view of all real-time ICS alerts, filtered according to five different analytics engines: cyber anomalies, known malware, protocol violations, operational anomalies, and policy violations.
  • Granular integration of alerts with IBM QRadar. Users can choose which alerts appear in QRadar based on severity level, analytics engine, and protocol type (MODBUS, GE SRTP, Siemens S7, etc.).
  • Correlation of CyberX alerts with other IBM QRadar intelligence sources, including analytics and logs collected from IT and OT systems, firewalls, and other devices.

About the CyberX OT Security Platform

Developed by military cyber experts with nation-state expertise defending critical infrastructure, the CyberX platform delivers continuous ICS threat monitoring and asset discovery. It combines an embedded understanding of industrial devices, protocols, and applications with ICS-specific anomaly detection based on proprietary self-learning algorithms, as well as ICS-specific threat intelligence, risk and vulnerability assessments, and automated threat modeling.

To download the CyberX ICS Threat Monitor App, visit the IBM Security App Exchange.

To learn more about the convergence of OT, IT and IIoT security in the corporate SOC, view the webinar by SANS and CyberX.

To see CyberX’s OT security platform in action, request a demo.