{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"products":{"reference-bonus":{"_type":"localeString","en":"Offer a reference bonus","ru":"Предложить бонус за референс"},"configurator":{"ru":"Конфигуратор","_type":"localeString","en":"Configurator"},"i-sell-it":{"ru":"I sell it","_type":"localeString","en":"I sell it"},"i-use-it":{"_type":"localeString","en":"I use it","ru":"I use it"},"roi-calculator":{"en":"ROI-calculator","ru":"ROI-калькулятор","_type":"localeString"},"selling":{"_type":"localeString","en":"Selling","ru":"Продают"},"using":{"ru":"Используют","_type":"localeString","en":"Using"},"sort-title-asc":{"en":"From A to Z","ru":"От А до Я","_type":"localeString"},"supplier-popover":{"ru":"поставщик","_type":"localeString","en":"supplier"},"implementation-popover":{"_type":"localeString","en":"deployment","ru":"внедрение"},"vendor-popover":{"en":"vendor","ru":"производитель","_type":"localeString"},"sort-title-desc":{"_type":"localeString","en":"From Z to A","ru":"от Я до А"},"sort-rating-asc":{"ru":"По возрастанию рейтинга","_type":"localeString","en":"Rating ascending"},"sort-rating-desc":{"ru":"По убыванию рейтинга","_type":"localeString","en":"Rating descending"},"sort-discount-asc":{"_type":"localeString","en":"Rebate ascending","ru":"По возрастанию скидки"},"sort-discount-desc":{"ru":"По убыванию скидки","_type":"localeString","en":"Rebate descending"},"i-use-it-popover":{"_type":"localeString","en":"Make your introduction and get a bonus from ROI4CIO or the supplier.","ru":"Внесите свое внедрение и получите бонус от ROI4CIO или поставщика."},"details":{"_type":"localeString","en":"Details","ru":"Детальнее"},"rebate-for-poc":{"ru":"Бонус 4 POC","_type":"localeString","en":"Bonus 4 POC"},"rebate":{"ru":"Бонус","_type":"localeString","en":"Bonus"},"vendor-verified":{"en":"Vendor verified","ru":"Поставщик потверждён","_type":"localeString"},"program-sends-data":{"_type":"localeString","en":"Program sends data"},"learn-more-btn":{"en":"Learn more","ru":"Узнать больше","_type":"localeString"},"categories-popover":{"_type":"localeString","en":"categories","ru":"категории"},"sort-popular-asc":{"ru":"По возростанию популярности","_type":"localeString","en":"Popular ascending"},"sort-popular-desc":{"en":"Popular descending","ru":"По убыванию популярности","_type":"localeString"},"no-results":{"en":"No results found. We didn't find any results with the filter you selected.","ru":"По вашему запросу ничего не найдено, попробуйте изменить запрос.","_type":"localeString"},"login":{"en":"Login","de":"Einloggen","ru":"Войти","_type":"localeString"},"register":{"de":"Registrieren","ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"auth-message":{"de":"Sie müssen sich registrieren oder anmelden","ru":"Вам нужно зарегистрироваться или войти.","_type":"localeString","en":"You need to register or login."},"add-to-comparison":{"en":"Add to comparison","ru":"Добавить в сравнение","_type":"localeString"},"added-to-comparison":{"ru":"Добавлено в сравнения","_type":"localeString","en":"Added to comparison"},"items-found":{"ru":"Продуктов найдено","_type":"localeString","en":"Products found"},"sort-sales-desc":{"en":"By sale","ru":"По продаже","_type":"localeString"},"sort-purchases-desc":{"_type":"localeString","en":"By purchase","ru":"По покупке"},"product-supplier":{"ru":"Поставщик продукта","_type":"localeString","en":"Product supplier"},"product-vendor":{"ru":"Производитель продукта","_type":"localeString","en":"Product producer"},"products-fetching-error":{"ru":"Произошла ошибка. Перезагрузите пожалуйста страницу.","_type":"localeString","en":"An error has occurred. Please reload the page."}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString"},"login":{"_type":"localeString","en":"Log in","de":"Einloggen","ru":"Вход"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"en":"FAQ","de":"FAQ","ru":"FAQ","_type":"localeString"},"references":{"en":"Requests","de":"References","ru":"Мои запросы","_type":"localeString"},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"catalogs":{"en":"Catalogs","ru":"Каталоги","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"for-suppliers":{"_type":"localeString","en":"For suppliers","ru":"Поставщикам"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"en":"Register","ru":"Зарегистрироваться","_type":"localeString"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"en":"Enter your search term","ru":"Введите поисковый запрос","_type":"localeString"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"en":"Our IT Catalogs","_type":"localeString"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"en":"About us","de":"Über uns","ru":"О нас","_type":"localeString"},"infocenter":{"de":"Infocenter","ru":"Инфоцентр","_type":"localeString","en":"Infocenter"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"en":"Marketplace","de":"Marketplace","ru":"Marketplace","_type":"localeString"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"ru":"Salestools","_type":"localeString","en":"Salestools","de":"Salestools"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"_type":"localeString","en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы"},"matrix":{"en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString"},"b4r":{"_type":"localeString","en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference"},"our_social":{"_type":"localeString","en":"Our social networks","de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"_type":"localeString","en":"Agreement","ru":"Пользовательское соглашение "},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"_type":"localeString","en":"4 vendors","ru":"поставщикам"},"blog":{"_type":"localeString","en":"blog","ru":"блог"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"_type":"localeString","en":"Subscribe","ru":"Подписаться"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"_type":"localeString","en":"username@gmail.com","ru":"username@gmail.com"},"subscribe__name-placeholder":{"en":"Last, first name","ru":"Имя Фамилия","_type":"localeString"},"subscribe__success":{"en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString"},"subscribe__error":{"_type":"localeString","en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее."},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"en":"Registration","ru":"Регистрация","_type":"localeString"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"en":"First name","ru":"Имя","_type":"localeString"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"en":"Actual cost","ru":"Фактическая стоимость","_type":"localeString"},"received-roi":{"en":"Received ROI","ru":"Полученный ROI","_type":"localeString"},"saving-type":{"en":"Saving type","ru":"Тип экономии","_type":"localeString"},"comment":{"en":"Comment","ru":"Комментарий","_type":"localeString"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"_type":"localeString","en":"I agree","ru":"Я согласен"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}},"filters":{"from":{"_type":"localeString","en":"from","ru":"от"},"to":{"ru":"до","_type":"localeString","en":"to"},"filter-price-title":{"ru":"Фильтр по цене","_type":"localeString","en":"Filter by price"},"view-type-label":{"ru":"Вид","_type":"localeString","en":"View"},"sort-type-label":{"en":"Sorting","ru":"Сортировка","_type":"localeString"},"category":{"_type":"localeString","en":"Category","ru":"Категория"},"follow":{"ru":"Следить","_type":"localeString","en":"Follow"},"add-product":{"en":"Add Product","ru":"Добавить продукт","_type":"localeString"},"show-all":{"ru":"Показать все","_type":"localeString","en":"Show all"},"filter-toggle":{"en":"Filter","ru":"Фильтр","_type":"localeString"},"clear-button":{"ru":"Очистить","_type":"localeString","en":"Сlear"},"delivery-type-field":{"_type":"localeString","en":"Delivery type","ru":"Тип поставки"},"product-categories-field":{"en":"product categories","ru":"категориz продуктаhjle","_type":"localeString"},"providers-field":{"en":"Providers","ru":"Поставщик, производитель","_type":"localeString"},"business-tasks-field":{"ru":"Бизнес задачи","_type":"localeString","en":"Business tasks"},"problems-field":{"_type":"localeString","en":"Problems","ru":"Проблемы"},"with-discounts-checkbox":{"_type":"localeString","en":"With discounts","ru":"Со скидками"},"expert-price-checkbox":{"ru":"Конфигуратор","_type":"localeString","en":"Configurator"},"roi-calculator-checkbox":{"en":"ROI-calculator","ru":"ROI-калькулятор","_type":"localeString"},"apply-filter-button":{"en":"Apply filter","ru":"Применить фильтр","_type":"localeString"},"sorting-toggle":{"en":"Sorting","ru":"Сортировка","_type":"localeString"},"show-all-button":{"ru":"Показать все","_type":"localeString","en":"Show all"},"suggest-product-button":{"_type":"localeString","en":"Suggest product","ru":"Предложить продукт"},"with-projects-label":{"ru":"С внедрениями","_type":"localeString","en":"With deployments"},"bonus-4-reference":{"en":"Bonus 4 Reference","ru":"Бонус за референс","_type":"localeString"},"product-categories":{"_type":"localeString","en":"Product Categories","ru":"Категории продуктов"},"countries":{"ru":"Страны","_type":"localeString","en":"Countries"},"seller":{"en":"Seller","ru":"Продавец","_type":"localeString"},"vendors":{"ru":"Производители продуктов пользователя","_type":"localeString","en":"User products vendors"},"suppliers":{"_type":"localeString","en":"User suppliers","ru":"Поставщики пользователя"},"business-process":{"ru":"Проблемы","_type":"localeString","en":"Problems"},"business-objectives":{"en":"Business tasks","ru":"Бизнес задачи","_type":"localeString"},"branch":{"en":" Branch","ru":"Отрасль","_type":"localeString"},"users":{"en":"Users","ru":"Пользователи","_type":"localeString"},"status":{"ru":"Статус","_type":"localeString","en":"Status"},"info-source":{"en":"Info source","ru":"Информационный ресурс","_type":"localeString"},"with-reference-checkbox":{"_type":"localeString","en":"With reference","ru":"С референсами"},"show-deal-checkbox":{"ru":"Показывать сделки с noname","_type":"localeString","en":"Show deal with noname"},"roi-checkbox":{"en":"ROI","ru":"ROI","_type":"localeString"},"problems":{"ru":"Проблемы","_type":"localeString","en":"Problems"},"find":{"ru":"Выполнить поиск","_type":"localeString","en":"Find"},"deal-date":{"ru":"Дата","_type":"localeString","en":"Date"},"try-button":{"_type":"localeString","en":"Try AI (Beta)","ru":"Попробовать AI (Beta)"},"hide":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"company-size":{"ru":"Размер компании","_type":"localeString","en":"Company size"},"add-company":{"ru":"Добавить компанию","_type":"localeString","en":"Add company"},"add-implementation":{"ru":"Добавить внедрение","_type":"localeString","en":"Add deployment"},"sort-title-asc":{"ru":"От А до Я","_type":"localeString","en":"From A to Z"},"sort-title-desc":{"_type":"localeString","en":"From Z to A","ru":"От Я до А"},"sellers-field":{"ru":"Поставщики, Производители","_type":"localeString","en":"Sellers"},"supply-types":{"en":"Supply type","ru":"Тип поставки","_type":"localeString"},"with-comments-checkbox":{"ru":"С комментариями","_type":"localeString","en":"With comments"},"supplier":{"_type":"localeString","en":"Supplier","ru":"Поставщик"},"vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"user":{"_type":"localeString","en":"User","ru":"Пользователь"},"company-type":{"_type":"localeString","en":"Company type","ru":"Тип компании"},"partners-field":{"_type":"localeString","en":"Partners","ru":" Партнеры"},"customers":{"ru":"Покупатели","_type":"localeString","en":"Customers"},"product-supplier":{"_type":"localeString","en":"Product supplier","ru":"Поставщик продукта"},"product-vendor":{"en":"Product vendor","ru":"Производитель продукта","_type":"localeString"},"implementation-date":{"ru":"Дата внедрения","_type":"localeString","en":"Deployment date"},"canceled":{"ru":"Отменено","_type":"localeString","en":"Canceled"},"deal-canceled":{"_type":"localeString","en":"Deal canceled","ru":"Сделка отменена"},"deal-closed":{"ru":"Сделка закрыта","_type":"localeString","en":"Deal closed"},"deal-in-progress":{"ru":"Сделка в процессе","_type":"localeString","en":"Deal in progress"},"deal-is-planned":{"ru":"Сделка планируется","_type":"localeString","en":"Deal is planned"},"finished":{"ru":"Завершено","_type":"localeString","en":"Finished"},"in-process":{"ru":"Ведется","_type":"localeString","en":"In Process"},"planned":{"en":"Planned","ru":"Планируется","_type":"localeString"},"proof-of-concept":{"en":"Proof of concept","ru":"Пилотный проект","_type":"localeString"},"stopped":{"_type":"localeString","en":"Stopped","ru":"Остановлено"},"competencies":{"_type":"localeString","en":"Competencies","ru":"Компетенции"}}},"translationsStatus":{"products":"success","filters":"success"},"sections":{"products-text-block":{"label":"catalog-products-text-block","body":{"en":[{"style":"normal","_key":"8bebcfb34955","markDefs":[],"children":[{"_type":"span","marks":[],"text":"The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks and problems. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.","_key":"8bebcfb349550"}],"_type":"block"}],"ru":[{"markDefs":[],"children":[{"_type":"span","marks":[],"text":"Каталог продуктов ROI4CIO - это база данных программного обеспечения, оборудования и ИТ-услуг для бизнеса. С помощью фильтров, подбирайте ИТ-продукты по категории, поставщику или производителю, бизнес-задачам, проблемам, наличию ROI калькулятора или калькулятора цены. Находите подходящие решения для бизнеса, воспользовавшись нейросетевым поиском, основанным на результатах внедрения софта в других компаниях.","_key":"28241882db7a0"}],"_type":"block","style":"normal","_key":"28241882db7a"}],"_type":"localeBlock"}}},"sectionsStatus":{"products-text-block":"success"},"pageMetaData":{"products":{"title":{"_type":"localeString","en":"ROI4CIO: Products","ru":"ROI4CIO: Продукты"},"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"content":"website","name":"og:type"}],"translatable_meta":[{"translations":{"en":"Products","ru":"Продукты","_type":"localeString"},"name":"og:title"},{"name":"description","translations":{"ru":"Лучшие приложения и it услуги для бизнеса. Выбор по видам программного обеспечения, бизнес-задачам и проблемам. Расчет стоимости лицензионного ПО, ROI","_type":"localeString","en":"Description"}},{"name":"og:description","translations":{"ru":"Лучшие приложения и it услуги для бизнеса. Выбор по видам программного обеспечения, бизнес-задачам и проблемам. Расчет стоимости лицензионного ПО, ROI","_type":"localeString","en":"The best applications and it services for business. Choice by type of software, business tasks and problems. Calculation of the cost of licensed software, ROI"}},{"translations":{"ru":"каталог, программное обеспечение, софт, ит услуги","_type":"localeString","en":"keyword"},"name":"keywords"},{"name":"title","translations":{"en":"Products","ru":"Продукты","_type":"localeString"}}]}},"pageMetaDataStatus":{"products":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{"dragos-industrial-cybersecurity-platofrm":{"id":3257,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/dragos_logo.jpg","logo":true,"scheme":false,"title":"Dragos Industrial Cybersecurity Platform","vendorVerified":0,"rating":"1.70","implementationsCount":2,"suppliersCount":0,"supplierPartnersCount":0,"alias":"dragos-industrial-cybersecurity-platofrm","companyTitle":"Dragos","companyTypes":["supplier","vendor"],"companyId":5131,"companyAlias":"dragos","description":"<span style=\"font-weight: bold;\">The Dragos Platform </span>contains all the necessary capabilities to monitor and defend ICS environments. It combines the functionality of an OT security incident and event management system (SIEM), network detection and anomaly system, and incident response platform with the experience and intelligence of the Dragos team.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><span style=\"left: 105.866px; top: 614.269px; font-size: 15.8333px; font-family: sans-serif; transform: scaleX(0.940557);\">IDENTIFY ASSETS</span></span></p>\r\n<span style=\"left: 262.37px; top: 616.376px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.05034);\">Deep packet inspection (DPI) of ICS protocols, traffic, and asset characterizations, ability to consume host </span><span style=\"left: 105.866px; top: 643.043px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.05341);\">logs and controller events, and integrations with ICS assets such as data historians provide a complete view of ICS environments.</span>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><span style=\"left: 105.866px; top: 674.19px; font-size: 15.8333px; font-family: sans-serif; transform: scaleX(0.992681);\">DETECT THREATS</span></span></p>\r\n<span style=\"left: 271.225px; top: 676.376px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.10124);\">Complex characterizations of adversary tactics, techniques, and procedures through threat behavior </span><span style=\"left: 105.866px; top: 703.043px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.09827);\">analytics pinpoint malicious activity</span><span style=\"left: 356.884px; top: 703.043px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.07189);\">on ICS networks and provide in-depth context to alerts.</span>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><span style=\"left: 105.866px; top: 734.19px; font-size: 15.8333px; font-family: sans-serif; transform: scaleX(1.02046);\">RESPOND</span></span></p>\r\n<span style=\"left: 208.338px; top: 736.376px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.0756);\">Expert-authored investigation playbooks and case management guide defenders step-by-step through the </span><span style=\"left: 105.866px; top: 763.043px; font-size: 15px; font-family: sans-serif; transform: scaleX(1.05983);\">investigation process to enable independence and transfer knowledge from our team to ICS defenders.</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n<ul> <li>Significantly reduce time to identify and inventory all assets and traffic on your network</li> <li>System-generated asset maps and reports provide consistent, time-driven views that are accurate, up-to-date, and thorough</li> <li>Automatic classification of assets based on behavior</li> <li>Set one or more baselines and get notifications when specific changes or anomalies occur in the environment over time</li> <li>Recognize new or rogue assets as they appear; identify assets that have disappeared from the network</li> <li>Powered by human-based intelligence that identifies adversary tradecraft and campaigns</li> <li>No bake-in or tuning period required; threat behavior analytics work immediately upon deployment</li> <li>Detect threats not simply as anomalies to investigate, but with context that guides effective response</li> <li>Notification filtering provides a risk-based approach to management</li> <li>Playbooks codify incident response and best-practice workflows developed by Dragos experts</li> <li>Manage incidents and cases from the same console cross-team</li> <li>Clear Indicator of Compromise reports guide attention to vulnerable assets</li> <li>Easily monitor case, notification, and analyst activity, as well as system-level health and statusT</li> <li>Splunk, QRadar, Pi Historian, LogRythym, Syslog, Windows Host Logs</li> </ul>","shortDescription":"ICS cybersecurity technology that provides ICS defenders with unprecedented visibility of their assets and communications, knowledge of threats through driven analytics.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Dragos Industrial Cybersecurity Platform","keywords":"","description":"<span style=\"font-weight: bold;\">The Dragos Platform </span>contains all the necessary capabilities to monitor and defend ICS environments. It combines the functionality of an OT security incident and event management system (SIEM), network detection and anoma","og:title":"Dragos Industrial Cybersecurity Platform","og:description":"<span style=\"font-weight: bold;\">The Dragos Platform </span>contains all the necessary capabilities to monitor and defend ICS environments. It combines the functionality of an OT security incident and event management system (SIEM), network detection and anoma","og:image":"https://old.roi4cio.com/fileadmin/user_upload/dragos_logo.jpg"},"eventUrl":"","translationId":3260,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":101,"title":"ICS/SCADA Cyber Security"}],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force "catch it as you can" and a more intelligent "stop look listen" method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as "the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents".\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>"Catch-it-as-you-can" – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>"Stop, look and listen" – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":465,"title":"UEBA - User and Entity Behavior Analytics","alias":"ueba-user-and-entity-behavior-analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) give you more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing and security event management, among others.</li></ul>\r\nToday, most of SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy by through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and the provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. A security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined polices.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SIEM.png"},{"id":59,"title":"SCADA - Supervisory Control And Data Acquisition","alias":"scada-supervisory-control-and-data-acquisition","description":"<span style=\"font-weight: bold; \">SCADA</span> stands for <span style=\"font-weight: bold; \">Supervisory Control and Data Acquisition</span>, a term which describes the basic functions of a SCADA system. Companies use SCADA systems to control equipment across their sites and to collect and record data about their operations. SCADA is not a specific technology, but a type of application. Any application that gets operating data about a system in order to control and optimise that system is a SCADA application. That application may be a petrochemical distillation process, a water filtration system, a pipeline compressor, or just about anything else.\r\nSCADA solutions typically come in a combination of software and hardware elements, such as programmable logic controllers (PLCs) and remote terminal units (RTUs). Data acquisition in SCADA starts with PLCs and RTUs, which communicate with plant floor equipment such as factory machinery and sensors. Data gathered from the equipment is then sent to the next level, such as a control room, where operators can supervise the PLC and RTU controls using human-machine interfaces (HMIs). HMIs are an important element of SCADA systems. They are the screens that operators use to communicate with the SCADA system.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">The major components of a SCADA technology include:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Master Terminal Unit (MTU).</span> It comprises a computer, PLC and a network server that helps MTU to communicate with the RTUs. MTU begins communication, collects and saves data, helps to interface with operators and to communicate data to other systems.</li><li><span style=\"font-weight: bold;\">Remote Terminal Unit (RTU).</span> RTU is used to collect information from these sensors and further sends the data to MTU. RTUs have the storage capacity facility. So, it stores the data and transmits the data when MTU sends the corresponding command.</li><li><span style=\"font-weight: bold;\">Communication Network (defined by its network topology).</span> In general, network means connection. When you tell a SCADA communication network, it is defined as a link between RTU in the field to MTU in the central location. The bidirectional wired or wireless communication channel is used for the networking purpose. Various other communication mediums like fiber optic cables, twisted pair cables, etc. are also used.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Objectives of Supervisory Control and Data Acquisition system</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Monitor:</span> SCADA control system continuously monitors the physical parameters</li><li><span style=\"font-weight: bold;\">Measure:</span> It measures the parameter for processing</li><li><span style=\"font-weight: bold;\">Data Acquisition:</span> It acquires data from RTU, data loggers, etc</li><li><span style=\"font-weight: bold;\">Data Communication:</span> It helps to communicate and transmit a large amount of data between MTU and RTU units</li><li><span style=\"font-weight: bold;\">Controlling:</span> Online real-time monitoring and controlling of the process</li><li><span style=\"font-weight: bold;\">Automation:</span> It helps for automatic transmission and functionality</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Who Uses SCADA?</h1>\r\nSCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. Supervisory control systems work well in many different types of enterprises because they can range from simple configurations to large, complex installations. They are the backbone of many modern industries, including:\r\n<ul><li>Energy</li><li>Food and beverage</li><li>Manufacturing</li><li>Oil and gas</li><li>Power</li><li>Recycling</li><li>Transportation</li><li>Water and waste water</li><li>And many more</li></ul>\r\nVirtually anywhere you look in today's world, there is some type of SCADA monitoring system running behind the scenes: maintaining the refrigeration systems at the local supermarket, ensuring production and safety at a refinery, achieving quality standards at a waste water treatment plant, or even tracking your energy use at home, to give a few examples. Effective SCADA systems can result in significant savings of time and money. Numerous case studies have been published highlighting the benefits and savings of using a modern SCADA software.\r\n<h1 class=\"align-center\">Benefits of using SCADA software</h1>\r\nUsing modern SCADA software provides numerous benefits to businesses, and helps companies make the most of those benefits. Some of these advantages include:\r\n<span style=\"font-weight: bold; \">Easier engineering:</span> An advanced supervisory control application such provides easy-to-locate tools, wizards, graphic templates and other pre-configured elements, so engineers can create automation projects and set parameters quickly, even if they don't have programming experience. In addition, you can also easily maintain and expand existing applications as needed. The ability to automate the engineering process allows users, particularly system integrators and original equipment manufacturers (OEM), to set up complex projects much more efficiently and accurately.\r\n<span style=\"font-weight: bold; \">Improved data management:</span> A high-quality SCADA system makes it easier to collect, manage, access and analyze your operational data. It can enable automatic data recording and provide a central location for data storage. Additionally, it can transfer data to other systems such as MES and ERP as needed. \r\n<span style=\"font-weight: bold; \">Greater visibility:</span> One of the main advantages of using SCADA software is the improvement in visibility into your operations. It provides you with real-time information about your operations and enables you to conveniently view that information via an HMI. SCADA monitoring can also help in generating reports and analyzing data.\r\n<span style=\"font-weight: bold; \">Enhanced efficiency:</span> A SCADA system allows you to streamline processes through automated actions and user-friendly tools. The data that SCADA provides allows you to uncover opportunities for improving the efficiency of the operations, which can be used to make long-term changes to processes or even respond to real-time changes in conditions.\r\n<span style=\"font-weight: bold; \">Increased usability:</span> SCADA systems enable workers to control equipment more quickly, easily and safely through an HMI. Rather than having to control each piece of machinery manually, workers can manage them remotely and often control many pieces of equipment from a single location. Managers, even those who are not currently on the floor, also gain this capability.\r\n<span style=\"font-weight: bold; \">Reduced downtime:</span> A SCADA system can detect faults at an early stage and push instant alerts to the responsible personnel. Powered by predictive analytics, a SCADA system can also inform you of a potential issue of the machinery before it fails and causes larger problems. These features can help improve the overall equipment effectiveness (OEE) and reduce the amount of time and cost on troubleshooting and maintenance.\r\n<span style=\"font-weight: bold;\">Easy integration:</span> Connectivity to existing machine environments is key to removing data silos and maximizing productivity. \r\n<span style=\"font-weight: bold;\">Unified platform:</span>All of your data is also available in one platform, which helps you to get a clear overview of your operations and take full advantage of your data. All users also get real-time updates locally or remotely, ensuring everyone on your team is on the same page.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SCADA__-_Supervisory_Control_And_Data_Acquisition.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},"dragos-worldview":{"id":3261,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/dragos_logo.jpg","logo":true,"scheme":false,"title":"Dragos WorldView","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"dragos-worldview","companyTitle":"Dragos","companyTypes":["supplier","vendor"],"companyId":5131,"companyAlias":"dragos","description":"<span style=\"font-weight: bold; \">Dragos WorldView </span>is the industrial cybersecurity industry’s only product exclusively focused on ICS threat intelligence. Prepared by Dragos’ expert ICS/OT threat intelligence analysts, it is the essential supplement to any IT-focused intelligence product used by IT or OT professionals with responsibility for an ICS network. Dragos WorldView calls out and cuts through the hype and speculation surrounding ICS cybersecurity, providing an effective antidote to the fear, uncertainty and doubt it sows.<br /><br /><span style=\"font-weight: bold; \">WorldView</span> threat intelligence feeds, alerts, reports, and briefings provide deep, context-rich insight, illuminating the malicious actors and activity targeting industrial control networks globally. This knowledge enables ICS defenders to make both tactical decisions and strategic recommendations on ICS cybersecurity quickly, and with confidence.\r\n<blockquote>Dragos Worldview provides National Grid with clearly articulated intelligence, backed by evidence and specific information to help us mitigate threats. The clear understanding Dragos has of the environment in which we operate, allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.</blockquote>\r\n<i>National Grid</i>\r\n<p class=\"align-center\"><br /><span style=\"font-weight: bold; \">Dragos WorldView Content</span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \"><br /></span></p>\r\n<ul><li>ICS-themed malware identification and analysis ICS vulnerability disclosures and analysis</li><li>ICS adversary behavior trends</li><li>ICS threat/incident media report analysis and commentary</li><li>Cybersecurity conference presentations and researcher discoveries with Dragos’ expert perspective</li><li>Key indicators of compromise (IOCs) for defenders to utilize</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><br />Dragos WorldView Benefits</span></p>\r\n<p class=\"align-left\"> <span style=\"font-weight: bold;\">Immediacy</span>: critical threat alerts inform you of rapidly escalating ICS threat situations<br /><span style=\"font-weight: bold;\">Efficiency</span>: expert threat identification and analysis combats alert fatigue<br /><span style=\"font-weight: bold;\">Effectiveness</span>: reduce adversary dwell time and mean time to recovery (MTTR)<br /><span style=\"font-weight: bold;\">Insight</span>: ICS vulnerability, threat and incident assessments promote informed, timely, and confident decision making<br /><br /><br /></p>","shortDescription":"Industrial cybersecurity industry’s only product exclusively focused on ICS threat intelligence.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":13,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Dragos WorldView","keywords":"","description":"<span style=\"font-weight: bold; \">Dragos WorldView </span>is the industrial cybersecurity industry’s only product exclusively focused on ICS threat intelligence. Prepared by Dragos’ expert ICS/OT threat intelligence analysts, it is the essential supplement to ","og:title":"Dragos WorldView","og:description":"<span style=\"font-weight: bold; \">Dragos WorldView </span>is the industrial cybersecurity industry’s only product exclusively focused on ICS threat intelligence. Prepared by Dragos’ expert ICS/OT threat intelligence analysts, it is the essential supplement to ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/dragos_logo.jpg"},"eventUrl":"","translationId":3262,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":59,"title":"SCADA - Supervisory Control And Data Acquisition","alias":"scada-supervisory-control-and-data-acquisition","description":"<span style=\"font-weight: bold; \">SCADA</span> stands for <span style=\"font-weight: bold; \">Supervisory Control and Data Acquisition</span>, a term which describes the basic functions of a SCADA system. Companies use SCADA systems to control equipment across their sites and to collect and record data about their operations. SCADA is not a specific technology, but a type of application. Any application that gets operating data about a system in order to control and optimise that system is a SCADA application. That application may be a petrochemical distillation process, a water filtration system, a pipeline compressor, or just about anything else.\r\nSCADA solutions typically come in a combination of software and hardware elements, such as programmable logic controllers (PLCs) and remote terminal units (RTUs). Data acquisition in SCADA starts with PLCs and RTUs, which communicate with plant floor equipment such as factory machinery and sensors. Data gathered from the equipment is then sent to the next level, such as a control room, where operators can supervise the PLC and RTU controls using human-machine interfaces (HMIs). HMIs are an important element of SCADA systems. They are the screens that operators use to communicate with the SCADA system.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">The major components of a SCADA technology include:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Master Terminal Unit (MTU).</span> It comprises a computer, PLC and a network server that helps MTU to communicate with the RTUs. MTU begins communication, collects and saves data, helps to interface with operators and to communicate data to other systems.</li><li><span style=\"font-weight: bold;\">Remote Terminal Unit (RTU).</span> RTU is used to collect information from these sensors and further sends the data to MTU. RTUs have the storage capacity facility. So, it stores the data and transmits the data when MTU sends the corresponding command.</li><li><span style=\"font-weight: bold;\">Communication Network (defined by its network topology).</span> In general, network means connection. When you tell a SCADA communication network, it is defined as a link between RTU in the field to MTU in the central location. The bidirectional wired or wireless communication channel is used for the networking purpose. Various other communication mediums like fiber optic cables, twisted pair cables, etc. are also used.</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Objectives of Supervisory Control and Data Acquisition system</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Monitor:</span> SCADA control system continuously monitors the physical parameters</li><li><span style=\"font-weight: bold;\">Measure:</span> It measures the parameter for processing</li><li><span style=\"font-weight: bold;\">Data Acquisition:</span> It acquires data from RTU, data loggers, etc</li><li><span style=\"font-weight: bold;\">Data Communication:</span> It helps to communicate and transmit a large amount of data between MTU and RTU units</li><li><span style=\"font-weight: bold;\">Controlling:</span> Online real-time monitoring and controlling of the process</li><li><span style=\"font-weight: bold;\">Automation:</span> It helps for automatic transmission and functionality</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Who Uses SCADA?</h1>\r\nSCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. Supervisory control systems work well in many different types of enterprises because they can range from simple configurations to large, complex installations. They are the backbone of many modern industries, including:\r\n<ul><li>Energy</li><li>Food and beverage</li><li>Manufacturing</li><li>Oil and gas</li><li>Power</li><li>Recycling</li><li>Transportation</li><li>Water and waste water</li><li>And many more</li></ul>\r\nVirtually anywhere you look in today's world, there is some type of SCADA monitoring system running behind the scenes: maintaining the refrigeration systems at the local supermarket, ensuring production and safety at a refinery, achieving quality standards at a waste water treatment plant, or even tracking your energy use at home, to give a few examples. Effective SCADA systems can result in significant savings of time and money. Numerous case studies have been published highlighting the benefits and savings of using a modern SCADA software.\r\n<h1 class=\"align-center\">Benefits of using SCADA software</h1>\r\nUsing modern SCADA software provides numerous benefits to businesses, and helps companies make the most of those benefits. Some of these advantages include:\r\n<span style=\"font-weight: bold; \">Easier engineering:</span> An advanced supervisory control application such provides easy-to-locate tools, wizards, graphic templates and other pre-configured elements, so engineers can create automation projects and set parameters quickly, even if they don't have programming experience. In addition, you can also easily maintain and expand existing applications as needed. The ability to automate the engineering process allows users, particularly system integrators and original equipment manufacturers (OEM), to set up complex projects much more efficiently and accurately.\r\n<span style=\"font-weight: bold; \">Improved data management:</span> A high-quality SCADA system makes it easier to collect, manage, access and analyze your operational data. It can enable automatic data recording and provide a central location for data storage. Additionally, it can transfer data to other systems such as MES and ERP as needed. \r\n<span style=\"font-weight: bold; \">Greater visibility:</span> One of the main advantages of using SCADA software is the improvement in visibility into your operations. It provides you with real-time information about your operations and enables you to conveniently view that information via an HMI. SCADA monitoring can also help in generating reports and analyzing data.\r\n<span style=\"font-weight: bold; \">Enhanced efficiency:</span> A SCADA system allows you to streamline processes through automated actions and user-friendly tools. The data that SCADA provides allows you to uncover opportunities for improving the efficiency of the operations, which can be used to make long-term changes to processes or even respond to real-time changes in conditions.\r\n<span style=\"font-weight: bold; \">Increased usability:</span> SCADA systems enable workers to control equipment more quickly, easily and safely through an HMI. Rather than having to control each piece of machinery manually, workers can manage them remotely and often control many pieces of equipment from a single location. Managers, even those who are not currently on the floor, also gain this capability.\r\n<span style=\"font-weight: bold; \">Reduced downtime:</span> A SCADA system can detect faults at an early stage and push instant alerts to the responsible personnel. Powered by predictive analytics, a SCADA system can also inform you of a potential issue of the machinery before it fails and causes larger problems. These features can help improve the overall equipment effectiveness (OEE) and reduce the amount of time and cost on troubleshooting and maintenance.\r\n<span style=\"font-weight: bold;\">Easy integration:</span> Connectivity to existing machine environments is key to removing data silos and maximizing productivity. \r\n<span style=\"font-weight: bold;\">Unified platform:</span>All of your data is also available in one platform, which helps you to get a clear overview of your operations and take full advantage of your data. All users also get real-time updates locally or remotely, ensuring everyone on your team is on the same page.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SCADA__-_Supervisory_Control_And_Data_Acquisition.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}},"aliases":{"1":["dragos-industrial-cybersecurity-platofrm","dragos-worldview"]},"links":{"first":"http://apis.roi4cio.com/api/products?page=1","last":"http://apis.roi4cio.com/api/products?page=1","prev":null,"next":null},"meta":{"current_page":1,"from":1,"last_page":1,"path":"http://apis.roi4cio.com/api/products","per_page":20,"to":2,"total":2},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{"101":{"id":101,"title":"ICS/SCADA Cyber Security"}},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}