ICS Threat Intelligence

CyberX doesn’t require you to become an expert in OT security. It’s like having the world’s top ICS experts sitting beside you and advising you at each step.

ics-worker

IT’S NOT JUST ABOUT KNOWING…

IT’S ABOUT KNOWING WHAT TO DO

CyberX’s alerts and Vulnerability Assessment report include detailed and actionable mitigation recommendations prioritized by risk — based on our threat intelligence — so your SOC analysts know what needs to be done immediately.

CyberX was the first industrial cybersecurity firm to establish an in-house team of ICS threat intelligence analysts and security researchers.

Our ICS threat intelligence is builtin to our platform to enrich our analytics. It also supports our managed services for incident response and breach investigation.

CyberX’s threat intelligence team is composed of data scientists and world-class domain experts who previously staffed a national CERT defending against daily nation-state cyberattacks. They bring that expertise to CyberX by tracking ICS-specific zero-days, campaigns, malware, and adversaries.

The team has already submitted more than a dozen zero-day vulnerabilities to the US ICS-CERT, including previously unknown vulnerabilities for devices manufactured by Rockwell Automation, Schneider-Electric, GE, Siemens, CODESYS, AVEVA, and others.

What’s more, the team has developed specialized tools for reverse-engineering industrial malware. (You can read the team’s analysis of the TRITON malware here, which includes a never-before-published description of the custom protocol developed by the attackers to communicate with their backdoor in the safety PLC.)

ics-thread-intelligence-screenshot-1@2x

KNOW MORE. KNOW BETTER. KNOW SOONER.

CyberX continues to lead the industry, helping cuxstomers stay one step ahead of adversaries.

For example, CyberX’s industry-unique ICS Malware Analysis Sandbox is a new and highly-scalable source of threat intelligence, since it continuously collects and automatically analyzes potentially malicious files from CyberX deployments worldwide as well as from a range of open and closed sources.

Primary Use Cases

Every organization is at a different stage in their OT cybersecurity maturity. Just as adversaries are becoming increasingly sophisticated, organizations are also continually challenged to up their game. CyberX enables you to easily adopt new capabilities to match your organizational readiness.

Asset Management

You can’t protect what you don’t know about. CyberX auto-discovers your OT network topology and provides detailed information about all your assets including device type, manufacturer, model, serial number, firmware revision, open ports, etc.
LEARN MORE

Risk & Vulnerability Management

CyberX provides an objective risk score for your overall OT environment along with actionable mitigation recommendations — prioritized by risk — at both the device and network layers.
LEARN MORE

Threat Detection & Response

Using five distinct, ICS-aware self-learning analytics engines, CyberX continuously monitors your OT network to detect threats such as targeted attacks, malware, and insider & trusted third-party threats.
LEARN MORE

SOC Integration

A unified IT/OT security strategy is the optimal way to manage your overall digital risk. CyberX integrates natively with your existing security stack to OT-enable your SOC with real-time visibility into OT assets, vulnerabilities, and threats.
LEARN MORE

Centralized Management

CyberX’s scalable architecture enables centralized visibility and control across multiple tiers in the organization, giving you a unified view of OT assets and risk across all your sites worldwide.
LEARN MORE

Advanced Use Cases