Products found: 57
Abatis for Maritime ICS SCADA
- Communication Systems
- Bridge Systems including ECDIS
- Propulsion & Power Control
- Access Control Systems
- Cargo Management Systems
- Passenger Servicing & Mgt.
- Passenger-facing Networks
- Core Infrastructure Systems
- Admin & Crew Welfare Systems
- Proactive Protection
- No Updates Required
- Fast
- Safe
- Efficient
- Low Power Consumption
- Evaluated Extremely Small Footprint (<100KB)
- Fit-and-Forget
- Protects Legacy and New Operating Systems
- Can Identify and Isolate Existing Malware Infections
- Works with Existing Security Tools
- Easy to Use
- Reduces Maintenance Burden
- Improve Green Credentials through Energy Saving
- Ship & Shore Capability
Ampex TuffServ
Arbit Data Diode
The Arbit Data Diode has the following features:
- More hardware configurations available
- Maximum file size limited only by available disk space
- Based on gigabit network interfaces
- Transports all file types and emails with full transaction control
- Unlimited number of data channels
- Data channel priority (on transaction basis)
- Supports up to 24 streaming channels (video, radio, etc.)
- Back pressure in case of critical disk space
- Safe points in case of increased data flow
- Notifications by email: Required retransmissions, Daily operational statistics, Total count and size of transactions within last 24h.
- Operated by web-interfaces
- No daily maintenance
- Software based on hardened Linux
- Support Supervisory Control and Data Acquisition (SCADA) networks
- Support Industrial Control Systems (ICS)
SUPPORTED PROTOCOLS
- Mail (SMTP)
- Simple file transfer (FTP, SFTP)
- Windows share mapping (SMB)
- Time synchronization (NTP)
- HTTP/HTTPS forwarding
- Streaming (UDP/TCP)
Argus Connected ECU
KEY BENEFITS
- AUTONOMOUS. Prevents attacks in real-time without connectivity to the outside world or human intervention.
- MULTI-LAYERED. Provides multiple independent protection layers, to defend against all types of attacks.
- AUTOMOTIVE-GRADE. Built for the automotive industry and addresses unique automotive security challenges.
- CONTROL FLOW INTEGRITY (CFI). Prevents exploitation of vulnerabilities, by ensuring that the ECU program does not deviate from its expected execution flow.
- SYSTEM LIMITER. Prevents unauthorized commands and resource access with an automotive-grade mandatory access control.
- PLATFORM INTEGRITY. Prevents and blocks unauthorized software from running on the ECU by validating the software at boot and during runtime.
- SECURITY LOGGER. Collects and securely stores security events from each module, and from other data sources in the ECU, for further analysis by the OEM.
- THREAT DETECTION. Prevents attacks in real-time, by identifying and responding to suspicious behavior across the ECU that may indicate an unknown attack.
- ECU FIREWALL. Prevents attacks from spreading to the in-vehicle network by blocking malicious communications using Deep Packet Inspection.
KEY FEATURES
- Supports Linux, QNX, and Android operating systems
- Saves time with seamless Integration and easy configuration
- Designed for easy reuse across ECUs
- Consumes minimal system resources
- Supports future module activation
Attivo Networks ThreatDefend Platform™
Threat Deception Technology to Detect Threats Early, Accurately & Efficiently
The ThreatDefend Deception Platform is a modular solution comprised of Attivo BOTsink® engagement servers, decoys, and deceptions, the ThreatStrike™ endpoint deception suite, ThreatPath™ for attack path visibility, ThreatOps™ incident response orchestration playbooks, and the Attivo Central Manager (ACM), which together create a comprehensive early detection and active defense against cyber threats.
WHY CUSTOMERS CHOOSE THREAT DECEPTION
- EARLY WARNING SYSTEM
- ACTIONABLE ALERTS
- EASY TO DEPLOY
- LOW MAINTENANCE
- STRENGTHENS DEFENSES
DETECT KNOWN & UNKNOWN ATTACKS
Not reliant on signatures or pattern matching, the Attivo ThreatDefend solution accurately detects in-network reconnaissance, credential theft, Man-in-the-Middle attacks, and lateral movement of threats that other security controls miss.
EARLY & ACCURATE DETECTION
Threat deception provides early detection of external, insider, and 3rd party attacks. Achieve real-time threat detection of reconnaissance and credential theft activities as attackers are deceived into engaging with decoys, deception lures, and bait designed to entice hackers into revealing themselves.
NO ALERT FATIGUE FROM FALSE POSITIVES
High-fidelity alerts are raised based upon attacker decoy engagement or deception credential reuse. Each alert is substantiated with rich threat intelligence and is actionable, removing false positive and noisy alerts that distract from the prompt incident response of real threats.
NOT RESOURCE INTENSIVE
Easy to deploy and operate, the Attivo solution is designed to be low maintenance. Deployment is in hours and doesn’t require highly skilled employees or in-depth resources for ongoing operations. Machine learning, automated analysis, and incident response empower quick remediation.
CAMOUFLAGE
Realistic deception is key to deceiving attackers into engaging. Dynamic deception provides authenticity and deception campaigns for self-learning deployment and refresh.
Authenticity
- Customized using real OS and services to production assets
- Credential validation with Active Directory
- High-interaction engagement
Machine-Learning
- Self-learning of the environment generates deception campaigns
- Campaigns can be deployed on demand for environment refresh
- Allows automated refresh to spin up deception or avoid fingerprinting
Easy Operations
- Simplify deployment with automated campaign proposals
- Easy operations with automated refresh
- Choice of on demand or automated campaign deployment
FEATURES
ThreatDefend is a comprehensive, scalable detection platform designed for the early detection of external threat actors and insiders (employees, suppliers, contractors) and for accelerating incident response.
IN-NETWORK THREAT DETECTION
Early endpoint, network, application, and data post-compromise threat detection.
ATTACK SURFACE SCALABILITY
Deception for evolving attack surface: data centers, cloud, user networks, remote office, specialty networks.
EASY DEPLOYMENT & OPERATIONS
Flexible deployment options and machine-learning for ongoing campaign authenticity and refresh.
SUBSTANTIATED ALERTS & FORENSICS
Actionable alerts from attacker engagement or credential reuse. Full forensics for actionable response.
ATTACK ANALYSIS
Automated attack analysis and correlation improves time-to-remediation.
THREAT INTELLIGENCE
High interaction attacker engagement and DecoyDocs produce threat, adversary, and counterintelligence.
ACCELERATED INCIDENT RESPONSE
Extensive 3rd party automations accelerate incident response to block, isolate, and threat hunt.
ATTACK PATH VULNERABILITY ASSESSMENT
Understand attack path vulnerabilities based on exposed credentials and misconfigurations.
VISIBILITY & ATTACK MAPS
Topographical maps for network visualization and time-lapsed attack replay.
Bedrock OSA
Enjoy the cost and flexibility of open technology knowing you’re protected by military-grade cyber security. Rest even easier knowing that the security comes at no additional cost because it is designed to be secure from the silicon on up.
Features:
Performance
- Ultra fast PLC, SCADA RTU, PAC and DCS capabilities
- Soft-selectable I/O on each channel: DI / DO / AI / AO / Pulse / HART 7
- Secure OPC UA / MQTT / Ethernet IP / Modbus TCP / Modbus RTU / PROFINET / BSAP
- Fixed 1 millisecond scan times regardless of load
- 512MB RAM with options for 8GB, 32GB or 64GB Flash memory
- –40°C to +80°C operating range
- Advanced built-in cyber security
- Sealed all-metal enclosure
- EMP hardened (MIL-STD 461 certified)
- Pin-less backplane
- Made in USA with a cyber secure supply chain
- 5 Year Warranty
- FREE software – IEC 61131-3 IDE
- FREE embedded simulator
- FREE maintenance / No annual license fee
- Simplified enclosure
- Reduce bolt-on cyber security costs
- Reduce lifecycle costs
BKC — FloodMonitoring
- Identify in advance the atmospheric fronts that may cause flooding.
- Forecast precipitation amounts and river water levels.
- Assess and analyze flood risks.
- Quickly calculate flood zones and depths from hydrometeorological forecast data.
- Receive satellite meteorological monitoring data.
- Model flooding scenarios and evaluate the effectiveness of hydrological protection.
- Track river water levels and precipitation amounts in adjacent areas.
Cisco Firepower 9300 Series
Features:
Scalable multiservice security
Eliminate security gaps. Integrate and provision multiple Cisco and Cisco partner security services dynamically across the network fabric. See and correlate policy, traffic, and events across multiple services.
Expandable security modules
Flexibly scale your security performance. Meet business agility needs and enable rapid provisioning.
Carrier-grade performance
NEBS-compliant configurations available. Elevate threat defense and network performance with low-latency, large flow handling, and orchestration of security services. Protect Evolved Programmable Network, Evolved Services Platform, and Application Centric Infrastructure architectures.
Benefits:
- Designed for service provider and data center deployments
- Threat inspection up to 90 Gbps
- Includes AVC, with AMP and URL options
- Fail-to-wire interfaces available
Claroty Continuous Threat Detection
- Rapidly detect industrial operations risk, enhance cyber resiliency, and minimize unplanned downtime
- Prevent impact to physical processes, expensive industrial equipment or injuries to people
- Quickly deploy and scale across multiple sites and reduce overall management costs
Claroty Platform
- Provides extreme visibility into ICS Networks
- Identifies security gaps – including known and emerging threats and vulnerabilities
- Automatically generates current state of OT process-level communications and presents an ideal network segmentation strategy
- Detects security posture changes
- Enables proactive threat hunting with actionable threat information
- Secures, monitors, and records remote connections to ICS assets
- Continuous, real-time monitoring of OT Networks
- Rapidly discover network communications and asset details down to the I/O level
- Field Proven and 100% safe for OT networks
- Precise, periodic queries of OT and IT Assets
- Safely query ICS and non-ICS assets for enhanced visibility into asset configurations
- Enhanced context for alerts and vulnerabilities
Cloakware Secure Environment
- Disables execution of anything except OEM authorized software.
- Removes debugging capability and memory examination.
- Encrypts binaries and file content.
- Hides decryption keys.
- Makes reverse engineering virtually impossible.
- Monitors hacking attempts and supports a range of OEM responses.
- Collects security incident data for post-mortem analysis.
Compumatica MagiCtwin
Features:
Secure is really secure
MagiCtwin protects the most critical networks and data. With only one-way traffic and regulated two-way traffic, these networks and data are not accessible from the internet.
Special protocols
MagiCtwin is compatible with the common protocols used in critical infrastructure and smart industry, e.g. Modbus, DNP3 and IEC 60870-5-104. Additional protocols could be implemented on request.
Security principle
Misconfiguration resulting in security leaks is excluded because MagiCtwin in default mode applies the principle "Everything not explicitly allowed is strictly forbidden."
Central Management
The control of MagiCtwin is very easy. The physical Diode doesn’t need to be configured and works from the moment it is connected to two networks. Both firewalls can easily be managed via the web management.
Inexpensive solution
Compared to other Diode vendors, MagiCtwin is inexpensive. Thanks to the efficient management, the cost of ownership is very affordable.
Push | Pull method
With the push method, data from the TX side will be sent directly to the right server/user. With the pull method, the user is required to retrieve the data from the TX side.
Certified firewalls
The MagiCtwin consists of two Compuwalls (Next Generation Layer-7 Firewall), which is the only Dutch certified firewall for ‘restricted’ usage.
Separation of networks
Thanks to the physical one-way path, the MagiCtwin Diode is an excellent solution to divide a confidential network from the office network. Traffic from the confidential network to the office network is fully blocked. This is also known as red/black separation.
Designed for industrial environments
MagiCtwin is very suitable for industrial environments because it is shockproof, works at temperatures between -20° and +55° Celsius, doesn’t contain any fans and has a long lifetime.
Unique features:
- Compatible for cloud
- Special protocols
- Inexpensive solution
CyberX Platform
CyOPs Platform
Incident Management
Distinguishing Real Threats From Endless Alerts
Real threats are often overlooked, largely as a result of the copious amount of alert notifications that accumulate daily. CyOPs Automated Intelligent Triaging enables Security Analysts to efficiently uncover these important alerts, prioritizing them based on severity, asset, intelligence, and frequency. To investigate alerts more efficiently, it’s very important to be able to understand and review data in a consumable manner. CyOPs Case Management solution understands the need to manage data effectively and provides options to:
- Manage Alert and Incident Listings in a filter-able grid view
- Ability to add mini-dashboards on each grid to gain visibility into the bigger picture and understand trends
- Ability to define new modules, unlike any other SOAR offering- with customization of modules such as fields, views, and permissions
- Visual layout editor to define custom views, data models, fields, and grids
CyOPs for MSSPs
Integrate All Your Security Tools
Enterprise-level SOCs leverage a multitude of products and tools to effectively resolve incidents and fulfill compliance requirements. CyOPs caters to our clients’ specific environment needs due to the customizability of product, which results in greater efficiency, eliminated alert fatigue, and maximizes their ROI. The CyOPs Integrations Repository has over 280 available integrations, enabling users to automate their entire security stack behind a single pane of glass.
A unified console built on the only enterprise multi-tenancy architecture.
- Obtain a complete overview of all your customers (tenants) in a single unified CyOPs master console.
- Filter views by customers, to understand the customer’s current state
- Assign and adhere to the Roles and Permissions assigned to each tenant
- Create customer specific alert and incident views
- Robust and scalable architecture for load-balancing usage
Role Based Custom Dashboards
Insight From Multiple Perspectives
CyOPs offers customers enterprise dashboards enabling better decision making.
- Choose from multiple canned dashboards from multiple perspectives
- Export and import dashboard templates
- Export dashboard views as PDFs
Full Role-Based Access Control
- Assign multiple roles to each dashboard to control visibility across the team.
- Ability to assign roles and permissions to dashboard templates
- Ability to make selected dashboards as default for all system users
- Ability to create user-specific dashboards and reports
Reporting
Library of Out-of-the-box Reports
- Leverage the CyOPs Report Library for a quick start with many commonly used reports
- Use ready-made reports like Incident Closures, Alert Closures, IOC Summaries etc.
- CyOPs Support Portal using Report Import functionality
- Customize out-of-the-box reports for organization-specific metrics
- Export Reports in CSV & PDF Formats
Queue Management
Create Dedicated Queues
Leverage the built-in CyOPs Queue Management to handle automatic work assignments across multiple queues and teams
- Create multiple queues across multiple teams
- Add multiple team members to each Queue
- Define logical rules for auto assignments to a specific member or team
- Option to add work tasks manually to any queue
Manage SOC Shift Change With Ease
Streamline SOC Team Onboarding & Management
CyOPs™ enables new SOC team members to start making an impact right away due to its ease of use and ability to retain information from previous employees. Standardized trackable and repeatable processes result in a more efficient onboarding plan for new SOC team members. Create standard automated response processes using the most versatile enterprise drag-and-drop CyOPs Playbook builder that not only retains team knowledge but also shortens incident response times. Maximize your team and security stack with CyOPs™ automation.
- SOCs that work in multiple shifts perfect shift changeovers with ease
- Create multiple queues for different shifts
- Define rules for assigning alerts and incidents based on the timezone
- Obtain snapshots of a shift’s queue to better understand task status
- Option to add manual tasks to any queue or team member
Darktrace Antigena
Darktrace The Enterprise Immune System
- Market-leading AI cyber-threat detection in the Cloud;
- Detects, classifies and visualises cyber-threats that evade other defences;
- Self-learning technology - world-leading machine learning and AI;
- Not reliant on historical attacks to predict new threats;
- Models understanding of what 'normal' enterprise behaviour looks like;
- Detects threats emerging in real-time;
- Detects insider threat, low-and-slow attacks, automated viruses;
- Self-adapting as the organisation changes: no tuning or reconfiguration;
- New threat identification, irrespective of threat type or attacker;
- Rapid identification of anomalous activity providing early threat warning.
- Adaptive - evolves with your organisation;
- Self-learning - system constantly refines its understanding of 'normal';
- Probabilistic - works out the likelihood of serious threat;
- Realtime - spots cyber threats as they emerge;
- Works from day one - delivers instant value;
- Low false positives - correlation of weak indicators;
- Data agnostic - ingests all data sources;
- Highly accurate - models humans, device and enterprise behaviour;
- Installs in 1 hour - minimal configuration required;
- Passive monitoring to model 'pattern of life' usage (non-disruptive).
Data Capture Unit (DCU)
Industrial data diode designed to deliver the highest level of security to OT networks like industrial control systems (ICS) and safety critical infrastructure via physical isolation when there’s a need to connect them to a lower security network (IT Networks or Internet) for replication or analytics.
The DCU is designed and manufactured in Germany, its chip design forces data to flow one-way only using a unique electromagnetic induction design, to collect data and guarantee that there’s no physical path for remote access to the OT Network.
The DCU has a software complement called, OWG (One-way gateway) software, its two agents, a OWG sender capable of data collection of several protocols (FTP, OPC UA, Syslog), filtering and aggregating data in the OT network (Edge) to then push it thru the DCU and a OWG receiver, which receives data from the DCU and can be configured to send it directly to the cloud (AWS or MindSphere) or to another computer in the IT network.
The DCU and OWG are vendor neutral and support Windows or Linux systems.
Dragos Industrial Cybersecurity Platform
IDENTIFY ASSETS
Deep packet inspection (DPI) of ICS protocols, traffic, and asset characterizations, ability to consume host logs and controller events, and integrations with ICS assets such as data historians provide a complete view of ICS environments.
DETECT THREATS
Complex characterizations of adversary tactics, techniques, and procedures through threat behavior analytics pinpoint malicious activity on ICS networks and provide in-depth context to alerts.
RESPOND
Expert-authored investigation playbooks and case management guide defenders step-by-step through the investigation process to enable independence and transfer knowledge from our team to ICS defenders.
Benefits:
- Significantly reduce time to identify and inventory all assets and traffic on your network
- System-generated asset maps and reports provide consistent, time-driven views that are accurate, up-to-date, and thorough
- Automatic classification of assets based on behavior
- Set one or more baselines and get notifications when specific changes or anomalies occur in the environment over time
- Recognize new or rogue assets as they appear; identify assets that have disappeared from the network
- Powered by human-based intelligence that identifies adversary tradecraft and campaigns
- No bake-in or tuning period required; threat behavior analytics work immediately upon deployment
- Detect threats not simply as anomalies to investigate, but with context that guides effective response
- Notification filtering provides a risk-based approach to management
- Playbooks codify incident response and best-practice workflows developed by Dragos experts
- Manage incidents and cases from the same console cross-team
- Clear Indicator of Compromise reports guide attention to vulnerable assets
- Easily monitor case, notification, and analyst activity, as well as system-level health and status
- Splunk, QRadar, Pi Historian, LogRhythm, Syslog, Windows Host Logs
Dragos WorldView
WorldView threat intelligence feeds, alerts, reports, and briefings provide deep, context-rich insight, illuminating the malicious actors and activity targeting industrial control networks globally. This knowledge enables ICS defenders to make both tactical decisions and strategic recommendations on ICS cybersecurity quickly, and with confidence.
Dragos Worldview provides National Grid with clearly articulated intelligence, backed by evidence and specific information to help us mitigate threats. The clear understanding Dragos has of the environment in which we operate, allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.
National Grid
Dragos WorldView Content
- ICS-themed malware identification and analysis
- ICS vulnerability disclosures and analysis
- ICS adversary behavior trends
- ICS threat/incident media report analysis and commentary
- Cybersecurity conference presentations and researcher discoveries with Dragos’ expert perspective
- Key indicators of compromise (IOCs) for defenders to utilize
Dragos WorldView Benefits
Immediacy: critical threat alerts inform you of rapidly escalating ICS threat situations
Efficiency: expert threat identification and analysis combats alert fatigue
Effectiveness: reduce adversary dwell time and mean time to recovery (MTTR)
Insight: ICS vulnerability, threat and incident assessments promote informed, timely, and confident decision making
EVENTSentry
Know when you need to act. Delivering meaningful insight into your network data.
EventSentry is a powerful monitoring solution that provides your IT team with actionable network data that drives intelligent IT decisions in real-time. Reliable, secure, scalable, and easily-deployed, EventSentry will enhance the performance, compliance and security of your network. Save time, prevent disasters and reduce TCO with one of the most cost-effective monitoring solutions on the market. New users are up and running in minutes and can easily adapt the solution to suit their needs, with award-winning customer service at their fingertips.
KEY FEATURES:
- Correlate and monitor event logs and log files in real time as well as monitor performance, disk space, services, processes and much more on both physical and virtual (cloud) servers and workstations.
- Track Active Directory of any object down to the attribute level effortlessly. Also monitors group policy changes and includes user status reports. Track processes, console and network logons, file access, account management events and even policy change events for compliance with PCI, SOX, HIPAA, CJIS and others.
- Visualize data with insightful dashboards and a powerful job & reporting feature. Reporting supports granular authentication and sophisticated log searching.
- Extend core functionality with the application scheduler feature, which integrates existing or new scripts into the monitoring environment.
Single Pane of Glass. EventSentry looks beyond events and log files - by monitoring multiple aspects of Windows-based systems to give you a complete picture - and not just a few pieces of the puzzle. Disk space, performance, inventory and more monitoring features are all included.
Real-Time Event Log Monitoring. Our state-of-art agents monitor all Windows servers, workstations & laptops securely, efficiently and in real-time - with native 64-bit support. Data is encrypted & compressed, and collected metrics are cached and re-transmitted during temporary network outages.
Descriptive Email Alerts. EventSentry's email alerts go the extra mile to make troubleshooting faster and more effective by providing additional context. Footers provide a status of the monitored host, security codes are automatically explained and performance alerts include embedded visual charts. IP addresses contained in emails are supplemented with reverse DNS lookup and geolocation data.
Security Event Correlation. Since Windows security events are notoriously difficult to decipher and correlate, EventSentry transforms raw security events into easy-to-read reports that immediately make sense. Who ran which application, when did a user logon and from which workstation and which files were changed by whom are only some of the questions you will be able to answer with EventSentry.
Web-Based Reporting & API. A modern, sleek reporting engine that works across all major browsers and mobile devices provides easy access to all logs and metrics. Beautiful & illustrative dashboards can present data from different vantage points, an extensive API provides easy access to third party applications.
Features Overview
Event Log Monitoring & Correlation
Real-Time event log monitoring and correlation which supports advanced features such as thresholds, recurring events, timers, insertion strings and more.
Compliance Tracking
Track file/registry access activity, processes and console logons, successful or failed network logons, account management and more to help with PCI, HIPAA, CJIS, SOX and other compliance requirements.
Log File Monitoring & Correlation
Monitors and correlates any log file (e.g. IIS, DHCP, Backup, Firewall) in real-time and sends alerts upon matching text. Create custom views for structured log files.
NetFlow
Visualizes NetFlow and sFlow data and provides detailed reporting like bandwidth usage. Sysmon integration correlates process network activity with NetFlow data.
Central Collector Service
Supports data collection over insecure mediums (e.g. Internet) through strong TLS encryption. Also supports local caching and compression.
Extensive Inventory
Inventories installed software, patches as well as hardware information, including VM inventory (VMWare© and Hyper-V©). Shows physical switch port mappings and managed hardware info when available.
Web Reporting
Modern web-reporting with dashboards, granular access control, flexible reporting, jobs engine and visualization tools. Extensive API to access data from 3rd party software. Works with all major browsers and mobile devices.
Comprehensive System Health Monitoring
Keeps track of all important system metrics like disk & folder usage, performance metrics, reboots, critical OS files and more.
Heartbeat Monitoring
Centrally monitors the uptime of hosts and TCP services and provides availability stats.
Process, Services & Scheduled Tasks
Pro-actively monitors services, scheduled tasks and stand-alone processes. Failed processes and services can be restarted automatically.
Syslog/SNMP/ARP Daemon
Collects Syslog messages and SNMP traps (v1-v3) centrally from Unix/Linux hosts and/or network devices. Alerts matching configured rulesets can be dispatched in real-time.
The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.