Indegy's Core Technologies
The Indegy Platform is based on proprietary patent-pending technologies developed by Indegy’s team of ICS security experts. Each core technology focuses on different and unique aspects of the control-layer activities and solves different ICS visibility challenges. The combination of these innovative technologies provides unmatched visibility into ICS activities, and especially control-layer events that impact critical controller logic.
CONTROL NETWORK INSPECTION (CNI)
A deep packet inspection engine, specifically designed for the unique characteristics of industrial control systems.
Patent-pending technology detects control-layer events in vendor-specific communications used for operating IEC-61131 compatible industrial control systems.
Passively monitors standard operational communication protocols (like Modbus & DNP3).
Provides in-depth, real-time visibility into all activities performed over the operational network.
AGENTLESS CONTROLLER VERIFICATION (ACV)
Patent-pending technology used for validating control device state and ensuring no unauthorized changes were made.
Periodic verification of controller device firmware, application and configuration provides full visibility with details for each controller.
Captures all changes to PLCs and RTUs, whether performed over the network or directly on the physical devices.
Eliminates a critical operational blind spot allowing security and operations engineers to track all changes to critical controllers.
The Indegy Applications
The platform includes built-in applications which provide visibility into ICS network activity and support the implementation of security best practices in ICS environments:
Get summary views and detailed reports to support the implementation of security best practices. The dashboard also provides a role-based administration interface allowing the configuration of rules and policies.
Automatically discover and map all control devices and get a comprehensive inventory of the control devices, including manufacturer, controller model, firmware version, last update time, etc. The inventory continues to update as new assets appear on the network and older assets are removed or replaced.
Assess the cyber security risk level per controller. Risk factors range from vulnerabilities in firmware code to configuration flaws such as unused open ports and default passwords, based both on aggregated public data sources, and Indegy Labs research.
Track and log all changes to controller logic and configuration. Indegy’s core technologies capture all changes, whether executed over the network, or physically on the device.
Provides real-time visibility into ICS network activity with a unique focus on the critical control layer. Detailed logs help track events and support forensic investigations.
Use a granular rule-based system to set up access control and change management policies for receiving real-time alerts on unauthorized activities.
Do you want to:
- direct the alerts to your SIEM?
- relay asset configuration details to the CMDB?
- leverage in-house scripts?
The Indegy platform supports external integration through an easy-to-use RESTful API.
Streamlined integration allows you to maximize your return on investment.