Incident Response, Forensics & Threat Hunting

More than simple alerts, CyberX gives you contextual information and actionable mitigation recommendations to help you rapidly triage alerts, investigate root causes, remediate threats—and proactively hunt for new ones.

TURNING INFORMATION INTO ACTION

Continuous monitoring and real-time alerting aren’t sufficient on their own to reduce risk. You also need streamlined workflows to rapidly triage alerts, investigate root causes, remediate threats — and proactively hunt for new ones.

Each alert provides detailed contextual information about the specific activity that was observed and which devices were involved.

There’s an intuitive data mining interface for granular searching of historical traffic during forensic investigations and threat hunting. You can easily search for related events across all relevant dimensions including time period, IP or MAC address, and ports, plus protocol-specific queries based on specific function codes, protocol services, modules, etc.

Full-fidelity PCAPs are also captured for further drill-down analysis.

What’s more, the platform integrates out-of-the-box with your existing security stack, including SIEMs, security analytics platforms, and next-generation firewalls. And we provide a range of expert services to OT-enable your current SOC analysts and workflows.

CyberX provides a library of preconfigured reports and graphical widgets for investigations, threat hunting and compliance. This chart shows the distribution of all DNP3 commands by volume observed during the past week.

CYBERX GOES FURTHER TO HELP YOU MANAGE RISK

You can draw on an extensive set of preconfigured graphical widgets and reports showing all occurrences, over a specified time period, of activity such as:

  • Active assets
  • Plain text passwords
  • Distribution of DNP3 function codes by volume
  • Distribution of S7 control functions by volume
  • Distribution of devices by OT vendor
  • Bandwidth over time
  • Bandwidth per channel
    … and more.

Primary Use Cases

Every organization is at a different stage in their OT cybersecurity maturity. Just as adversaries are becoming increasingly sophisticated, organizations are also continually challenged to up their game. CyberX enables you to easily adopt new capabilities to match your organizational readiness.

Advanced Use Cases