Technology Notifies Security Personnel of Unintended Changes or Hostile Attack on Controller Firmware, Logic and/or Parameters
NEW YORK, April 17, 2019 — Indegy, a leader in industrial cyber security, today announced it has received patent #10,261,489 from the United States Patent & Trademark Office for software technology that detects misconfigurations and hostile attacks in industrial control networks using active querying. The patented invention is part of the Indegy Industrial Cybersecurity Suite, which is the first product to provide active and passive detection of threats in industrial control system (ICS) based environments.
Industrial Control Systems use Programmable Controllers (PLC and DCS) to manage processes. Any changes to the firmware, application logic or configuration parameters of a controller, whether caused by human error or intentionally by a hostile attacker, can result in potentially life threatening physical and environmental damage. A recent investigative report published by the Wall Street Journal revealed that Russian agents have already hacked into the US electric grid.
“This patent recognizes Indegy for inventing the active detection of cyber threats to industrial control systems which accomplishes more than passive network monitoring alone and provides visibility customers cannot do without,” said Mille Gandelsman, CTO of Indegy. “Our unique combination of both active and passive threat detection provides complete visibility into all operational network activity, including changes made directly on control devices that elude competitive approaches.”
Highlights of the Indegy Patent
The patented invention works in the following way:
- The Indegy product requests that a controller, which controls one or more field devices in an industrial control network, report the code it is currently using
- Indegy compares the code reported by the controller with a stored baseline version of the code;
- When a discrepancy between the code reported by the controller and the baseline version is detected, Indegy automatically issues a notification
- Indegy also reduces the number of devices needed to achieve 100% visibility since it eliminates the need to tap into every network switch
- Finally, Indegy works in environments that don’t even have managed switches
The Indegy Industrial Cybersecurity Suite is purpose-built to provide real-time situational awareness and visibility into ICS networks. It combines behavioral anomaly detection with policy based rules for comprehensive threat detection and mitigation, and unique visibility into asset inventory. Industrial facilities including critical infrastructure such as utilities, water, energy, pharmaceutical and manufacturing use Indegy to automate operational oversight processes, identify human errors such as misconfigurations and failed maintenance, and protect against malware, cyber attacks and insider threats.
Indegy, a leader in industrial cyber security, protects industrial control system (ICS) networks from cyber threats, malicious insiders and human error. The Indegy Industrial Cybersecurity Suite arms security and operations teams with full visibility, security and control of ICS activity and threats by combining hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks. Indegy solutions are installed in manufacturing, pharmaceutical, energy, water and other industrial organizations around the world. For more information visit www.indegy.com and follow us on Twitter and LinkedIn.
Media Contact: Marc Gendron, Marc Gendron PR for Indegy, 781-237-0341, email@example.com