Enforce Your Network Security Policy
Policy-based detection is a strong, deterministic, OT-specific tool that can be leveraged to detect under-the-radar events that don’t rise above statistical noise and thus go unnoticed by anomaly-based detection. As such, policy-based detection closes the ICS network security loop against all types of threats, and complements Indegy’s anomaly detection engine.
In addition to offering predefined OT policy packs, Indegy enables users to configure their own rules using a flexible, wizard-based interface. In accordance with each company's network security policy, these rules trigger alerts about risky activities, undesired asset configuration, or deviations from compliance requirements.
OT Activity Policies
Comprehensive ICS context awareness allows users to define alerts based on an activity's specific network impact with blacklisting, whitelisting or value-threshold monitoring.
Deterministic policies are crucial for areas where anomaly detection is inapt, such as complying with internal security policies or external regulations for ICS operations.
Flexible Rule Creation
Intuitive UI for defining rules based on IP ranges, automated asset classification category (e.g., controllers, engineering workstations, servers or HMIs) and logical operators.
Indegy Dual Threat Detection
Indegy's Threat Detection & Mitigation technology uniquely combines policy-based detection with anomaly detection. By leveraging both rules and statistical analysis, our technology finds more threats and risks, faster, and with fewer false positives. The policy detection engine strictly enforces deterministic rules based on the network security policy. This capability is complemented by the anomaly detection tool, which identifies stealthy deviations in network behavior from the statistical baseline.
Much More Than Statistics
It’s critical you understand exactly what happened when an alert is triggered.
Enforce a wide variety of policies culled from proven expertise in OT environments.
Detect Evasive Attacks
Discover potential risks that don’t rise above the statistical noise.
Regulation & Compliance
Sometimes risk mitigation isn’t about baselining - it’s about adhering to guidelines.
Trigger by Asset Type
Define policies based on the type of asset rather than defining IP ranges.
Beyond network activity
Policies can also be used to monitor proper configuration of devices in the environment.
Do you know all the threats to your ICS?
If your ICS network devices are compromised, your company is vulnerable to operational disruptions and widespread damage.
Indegy Industrial Cybersecurity Suite
Learn more about Indegy’s Cyber Security Suite for ICS networks.
Indegy Risk Assessment Service
Learn how Indegy’s new risk assessment service can help you protect your industrial network and mitigate threats.
ICS Cyber Security Checklist
Here are the 6 areas of criteria to evaluate before choosing an ICS cyber security solution.
Unmatched Threat Hunting
Using Policy-based detection in tandem with Anomaly Detection, you'll detect more threats faster, and keep your industrial infrastructure safe.