XSense acts as an invisible layer that covers the operational technology network, modeling it as a state machine. A plug and play solution, XSense is fully agnostic and easily integrates into any operational network, with no requirements for any changes or additional investments to be deployed. It operates in a completely unobtrusive manner, analyzing traffic only.
Our technology enables organizations to continue with their operations, knowing that their OT Network is secure and stable.
XSense is a situational aware platform and its core technology is based on the recognition that in order to properly secure an OT Network, you need to fully understand how it operates, at all times.
Divided into three stages of action, XSense is designed to ensure OT networks are operating exactly the way they are supposed to.
Stage One: Collection
Once plugged in, XSense commences the Collection stage. During this stage XSense performs Deep Packet Inspection and extracts the devices of the network, the different patterns that are used and operational processes.
Stage Two: Analysis
The core part of the XSense technology is its ability to model the OT Network as a State Machine on the fly. Being deterministic networks by definition, based on Machine-to-Machine communications and with well-defined traffic, OT Networks can be composed of hundreds and even thousands of different states.
XSense constructs the network’s State Machine during learning mode and once in operational mode, it knows whenever the Network is in each particular state. Each state of the Network is a compound structure and XSense perceives a detailed snapshot of the network at each point in time.
Modeling the whole Network as a state machine enables XSense to provide a very high detection rate, alerting the operator whenever a new state is introduced.
Once a new state is introduced, a classification process takes place. Based on multiple signals that are fed into the XSense algorithm, during the Collection and Analysis stages, XSense determines whether the new state is malicious or operational.
Stage Three: Projection
The definition of a new state as malicious or operational, generates an alert that is delivered in real-time to the network operator. During the Projection stage, the OT Network operator is alerted and provided with actionable data and all the relevant details to the incident, be it malicious or operational, so that an in depth drill down of the incident can be carried out.
Our technology is patent pending.