ICS Threat Intelligence
CyberX doesn’t require you to become an expert in OT security. It’s like having the world’s top ICS experts sitting beside you and advising you at each step.
IT’S NOT JUST ABOUT KNOWING…
IT’S ABOUT KNOWING WHAT TO DO
CyberX was the first industrial cybersecurity firm to establish an in-house team of ICS threat intelligence analysts and security researchers.
Our threat intelligence team is composed of world-class domain experts and data scientists who previously staffed a national CERT defending against daily nation-state cyberattacks. They bring that expertise to CyberX by tracking ICS-specific zero-days and CVEs as well as malicious DNS addresses, campaigns, malware, and adversaries.
The team has already submitted more than a dozen zero-day vulnerabilities to the US ICS-CERT, including previously unknown vulnerabilities for devices manufactured by Rockwell Automation, Schneider-Electric, GE, Siemens, CODESYS, AVEVA, and others.
Accelerating Operations with Actionable Insights
CyberX’s ICS threat intelligence is a continuous feed of information that’s seamlessly integrated with our platform to enrich our analytics. Our real-time alerts and Vulnerability Assessment report include detailed and actionable mitigation recommendations prioritized by risk — based on our threat intelligence — so your SOC analysts know what needs to be done immediately.
Our threat intelligence experts are also on-call to provide incident response and breach investigation services. What’s more, the team has developed specialized forensic tools for identifying and reverse-engineering malware. You can read the team’s analysis of the LockerGoga malware, as well as its analysis of the TRITON malware, which includes a never-before-published description of the custom protocol developed by the attackers to communicate with their backdoor in the safety PLC.
CyberX’s threat intelligence feed does not require an internet connection for updating. Updates can be applied manually as well automatically deployed to all appliances via the Central Manager.
KNOW MORE. KNOW BETTER. KNOW SOONER.
CyberX continues to lead the industry, helping customers stay one step ahead of adversaries.
For example, CyberX’s industry-unique ICS Malware Analysis Sandbox is a new and highly-scalable source of threat intelligence, since it continuously collects and automatically analyzes potentially malicious files from CyberX deployments worldwide as well as from a range of open and closed sources.
Primary Use Cases
Every organization is at a different stage in their OT cybersecurity maturity. Just as adversaries are becoming increasingly sophisticated, organizations are also continually challenged to up their game. CyberX enables you to easily adopt new capabilities to match your organizational readiness.