Ensuring ICS Device Integrity

Indegy’s patent-pending active detection technology provides organizations with complete security coverage by surveying the entire Industrial Control System (ICS) network – including all its devices. Using the devices’ native communication protocols, Indegy Device Integrity discovers, classifies and queries all ICS assets for their configuration - even those that are not communicating in the network.

Central to our hybrid threat detection model, Indegy Device Integrity actively collects information that cannot be found using network sniffing but is crucial for protecting the OT environment. By providing complete asset inventory details and enriched context for alerts, it helps eliminate false positives. Native device querying ensures zero impact on network operations.

icon_infographic - device integrity

Extended Asset Details

Monitor device configuration data, such as firmware and OS versions, backplane configuration or logged-in users which doesn't normally traverse the network.

icon_infographic - device integrity

Efficient Threat Detection

By combining relevant context gathered from the devices with network activity monitoring, Device Integrity improves alert accuracy and boosts security analysts' productivity.

icon_infographic - device integrity

Zero Impact, Maximum Value

Device Integrity safely queries devices in their native protocols and only reads information. No changes to configurations and zero network impact.

Stats Pattern
50%

Are you missing half of what you need to see?

Network traffic monitoring only provides half of what's needed to secure ICS environments. Activate Device Integrity to see the full picture.

Indegy Hybric Detection Passive Plus Active Diagram

Hybrid Detection Engine

Indegy Device Integrity technology is an integral part of its unique hybrid threat detection engine. This active detection technology works in conjunction with passive network monitoring, providing critical information about your ICS environment that cannot be gathered solely by listening to network traffic. Our patent-pending device integrity capabilities keep you apprised of every detail for every asset in your OT network - all in a single pane of glass. This 360-degree situational awareness across your industrial environment significantly reduces your hardware footprint and maintenance costs.

Indegy Device Integrity
Activates More, Delivers More

Grid Image
In-Depth Visibility

Gain unparalleled visibility by leveraging the most comprehensive set of asset information.

Screenshot of a Single Controller details

In-Depth Visibility

Often, critical asset data does not traverse the ICS network. Details like the logged-in user, latest hotfixes installed on PCs and servers, and the firmware version and open port list of a PLC/DCS controller are stored within the devices themselves. Indegy Device Integrity addresses this gap by automatically querying the devices and gathering the most intimate details about every asset in your industrial environment. Our comprehensive asset tracking gives you full visibility and control over ICS assets.

Grid Image
Efficient Incident Response

Improve situational awareness with context-enriched alerts to reduce false positives and speed mitigation.

Screenshot of all events detected by the Indegy system

Efficient Incident Response

When the Indegy Industrial Cybersecurity Suite detects a suspicious network event, Device Integrity automatically queries the relevant devices to gather further contextual details. By adding relevant information such as “who is logged in to the engineering station at a specific time” and “what was the impact of a specific activity to the PLC ladder logic,” Device Integrity enables more meaningful alerts. This improves situational awareness, accelerates forensics and mitigation, and relieves pressure on Incident Response teams.

Grid Image
Detect Local Changes

Validates controller integrity by identifying changes made via direct
physical connections.

Screenshot of a Single Controller Code revisions history

Detect Local Changes

Changes made by authorized personnel or malicious actors to the controller code, firmware or configuration using a serial cable or USB drive cannot be detected by network monitoring. In some cases, an employee or contractor unknowingly exposes controllers to threats by using a compromised device, such as a malware-infected laptop or USB drive. By periodically capturing device snapshots and comparing them to previous baselines, Indegy can identify changes to controllers and ensure device integrity.

Grid Image
Lower Security Costs

Architected to optimize efficiency and value with minimum hardware and maintenance costs.

Indegy Three-Tier-Deployment-Model Diagram

Lower Security Costs

Unlike network-only monitoring technologies that need to be deployed at every intersection and switch on the network, Indegy Device Integrity technology lets you monitor all routable sections of the network with a single Indegy appliance. This can save you substantial hardware and maintenance costs, particularly in large industrial environments with multiple subnets. Using Indegy technology, you gain full control and visibility of your ICS network and all relevant devices without the costs of multiple appliances.

Grid Image
Backup and Recovery

Achieve ICS network resiliency while preserving your critical controller data.

Screenshot of a Single Controller Code revisions history

Backup and Recovery

Indegy Device Integrity preserves a full history of changes made to controllers over time. By capturing and storing a complete snapshot of the device including firmware, configuration, complete ladder logic, diagnostic buffer and tag structure, Indegy keeps track of each controller's versioning history and can help identify a previously known “good” state for faster recovery. However, Indegy Device Integrity does not actively push the snapshot or make any changes to recover the device.

Grid Image
Eliminate Blind Spots

Discover "invisible" assets that do not communicate over the network.

Indegy ICS Blind Spots Diagram

Eliminate Blind Spots

Indegy Device Integrity discovers dormant industrial devices that are connected to the network but are not communicating. Most industrial controllers include a built-in “find me” mechanism to support asset discovery with a single broadcast of a unique packet. This mechanism is used by engineering stations to find all controllers in the network automatically. Indegy Device Integrity uses this same built-in mechanism to make sure your asset inventory is complete and accurate, including dormant devices.

Active Threat Detection

Learn how Indegy Device Integrity helps secure your industrial environment by providing “protection on both fronts."

Get Secure, Activate ICS Threat Detection

Feature Name
Feature Name
iMac Mockup
Get Secure, Activate ICS Threat Detection

Passive network monitoring only gets you halfway there. Active threat detection is needed to truly secure your ICS environment.