CyberX integrates seamlessly with all of your existing security products including SIEMs, IDS/IPS, firewalls, unidirectional gateways, and security analytics platforms. A REST API is also available for custom integrations. Here are some examples of our technology partners:
Palo Alto Networks
Palo Alto Networks & CyberX have integrated their offerings to deliver a powerful solution to protect your IIoT and Industrial Control Systems (ICS). Together, CyberX’s ICS threat monitoring platform with Palo Alto’s next-generation firewall enables manual & automated blocking of critical threats such as malware and unauthorized operations on industrial devices.
CyberX’s platform integrates with IBM QRadar out-of-the-box to forward alerts and integrate with your existing SOC workflows. IBM® QRadar® SIEM detects anomalies, uncovers advanced threats and removes false positives. It consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It then uses an advanced Sense Analytics engine to normalize and correlate this data and identifies security offenses requiring investigation.
Learn more about the CyberX ICS Threat Monitoring App for IBM QRadar.
The integration of CyberArk’s privileged account security solution with CyberX enables industrial organizations to receive real-time alerts on suspicious remote access sessions not authorized by the CyberArk solution. You can also continuously monitor and audit privileged user sessions as well as perform incident response and threat hunting to eliminate remote access threats before they become an issue.
The CyberX and Waterfall Security Solutions technology integration program aims to build a thriving cybersecurity eco-system for industrial control system (ICS) environments, comprised of field-proven providers who have completed Waterfall’s rigorous certification process, enabling customers to aggressively and confidently pursue a multi-layered cyber-defense strategy.
Learn more about the partnership here.
CyberX’s platform integrates with the Splunk out-of-the-box to forward alerts and integrate with your existing SOC workflows. Splunk Enterprise monitors and analyzes machine data from any source to deliver Operational Intelligence to optimize IT, security and business performance. With intuitive analysis features, machine learning, packaged applications and open APIs, Splunk Enterprise is a flexible platform that scales from focused use cases to an enterprise-wide analytics backbone.
Learn more about Splunk.
CyberX’s platform integrates with LogRhythm out-of-the-box to forward alerts and integrate with your existing SOC workflows. The LogRhythm Security Intelligence Platform is a security information and event management (SIEM) product for enterprise use. It is used to collect security event log data from software throughout an enterprise, including network security controls, operating systems and user applications. The SIEM tool analyzes the data to identify possible signs of malicious activity so humans or automated processes can stop attacks in progress or help recover from successful attacks.
Learn more about LogRhythm.
CyberX’s platform integrates with ArcSight out-of-the-box to forward alerts and integrate with your existing SOC workflows. ArcSight ESM collects security log data from an enterprise’s security technologies, operating systems, applications and other log sources, and analyzes that data for signs of compromise, attacks or other malicious activity. If something malicious is detected, the product acts accordingly by generating alerts to security administrators or initiating an automated response to stop the malicious activity.
Learn more about ArcSight.
To help customers mitigate the dangers of IoT-enabling their businesses, Microsoft has launched its Security Program for Azure IoT, looking to help connect customers with best-of-breed IoT security auditing platforms.
Learn more about the Security Program for Azure IoT.
Integration of CyberX with the Skybox Security Suite pulls data from the CyberX platform into a visual, interactive model of the attack surface. The model combines ICS and SCADA network data with information from a variety of sources including the Skybox Vulnerability Database, threat intelligence feeds, security analysts, SIEMs and more. This provides comprehensive visibility and contextual intelligence for more accurate prioritization of cyber risks not just in your IT network, but across your entire organization.
Learn more about our integrated solution.
Checkpoint and CyberX have joined together to deliver unprecedented protection with a proactive, two-way solution. The CyberX platform, operating from the core of the industrial network, enhances security by keeping Check Point security policies updated in real-time. At the same time, Check Point updates CyberX with insights it receives from the cloud-based Global Threat Intelligence platform. Together we ensure your most critical industrial assets are secure, online and operational.
Learn more about our integrated solution.
CyberX’s platform is 100% vendor-agnostic and works seamlessly with all OT devices and protocols, from all automation vendors. In addition, our passive monitoring architecture ensures there’s never any performance impact or disruption to your OT network or devices. This has been field-proven in hundreds of deployments in heterogeneous production environments across the US, Europe, and APAC. Here are some examples of the industrial automation equipment vendors supported by the CyberX platform: