For VendorsBlog
Indegy Device Integrity

Indegy Device Integrity

Take an active role in securing your industrial environment with Indegy's patented technology

Features of product

Проблемы Problem Solving
  • Unauthorized access to corporate IT systems and data
  • Risk or Leaks of confidential information
  • Malware infection via Internet, email, storage devices
  • Risk of data loss or damage
  • Risk of attacks by hackers
Ценности Business Values
  • Reduce Costs
  • Ensure Security and Business Continuity

About Product

Indegy Device Integrity automatically and proactively:

  • Discovers and classifies all ICS assets, including lower-level devices like PLCs, RTUs and DCS controllers – even when they’re not communicating in the network by leveraging unique native broadcast packets
  • Identifies changes in the device’s metadata (e.g. firmware version and configuration details) as well as changes in each code and function block in the ladder logic and critical memory segments
  • Amplifies detection through dedicated vendor specific, native, read-only protocols which yields a more comprehensive collection of information compared to the generic use of SNMP or Modbus

Indegy Device Integrity knows what you need to have:

  • Creates a full snapshot of the controller at a specific point in time
  • Compares it to previous baselined snapshots to validate the device’s integrity
  • Provides comprehensive detailed information about any configuration changes

How does Indegy Device Integrity do that?

Devices are queried only in native language, when positively identified

Indegy Device Integrity never uses communication protocols that the device might not support or that are not native. It also never “blindly scans” the network looking for devices. Only after positively identifying a specific asset down to the vendor model and version, Device Integrity will activate and start querying that asset to gather information.

Industrial Controllers are accessed only as they are designed

Most of the industrial controllers use different electronic modules for different purposes. Consequently, ethernet based communication, with engineering station software are executed by the networking module and aren’t part of the critical control loop. Additionally, mission critical I/O activity has its reserved processing resources, which prevents a network traffic overload. If the controllers aren’t being exploited or maliciously scanned, an overload will not occur.

Schedules and policy settings are customizable to your business needs

Choose your query frequency: every 8 hours, only at specific times of day, for specific subnets, or only by manual activation. With Indegy, it is possible to customize policies to query only predefined set of IP ranges or asset types. It is also possible to check the network load and CPU load on the devices before surveying them. Activity is Read-Only, Out of band Indegy Device Integrity utilizes 100% read-only communication and by design, does not have the ability to change configurations and settings of any of the devices in the network

Approach is vendor agnostic

Indegy works closely with controller vendors and performs extensive lab tests with physical devices to ensure that queries have no impact on the controllers and do not have the potential to cause any disruptions.

Features of users

Роли заинтересованных сотрудников Stakeholders Roles
  • Chief Information Officer
  • Chief IT Security Officer
  • IT Security and Risk Management
Признаки применимости Company requirements
  • Internet access is available for employees
  • Сonfidential data
  • IT Security Department in company
  • GDPR Compliance
Продающие истории Use Cases

Industrial Cyber Security Risk Assessment Service

Продающия история

Indegy has launched a new risk assessment service to identify risks and generate a plan for remediation. The analysis uses your specific device control configurations, together with known vulnerabilities, current external cyber threats, and malicious insider alerts, generates a risk assessment score and creates a comprehensive security report.

Work flow chart