The Asset Inventory Challenge
A comprehensive Extended Internet of Things (XIoT) asset inventory is crucial for cybersecurity, but achieving it involves overcoming several key barriers:
Proprietary Protocols
OT, BAS, and CPS assets often use proprietary protocols that are incompatible with general security tools, making those assets invisible to such tools.
Diverse Assets
CPS assets can span decades, resulting in a mix of new and legacy devices with varied operations and communication methods.
Network Complexity
CPS environments feature intricate network architectures, including serial or air-gapped sections, spread across multiple sites.
One-Size-Fits-All Inventory
Passive monitoring alone is insufficient for asset discovery. A complete XIoT inventory requires a combination of methods.
Streamlines Threat Alerting and Minimizes False Positives
In complex and diverse CPS environments, threat monitoring often results in numerous false positives. Automatically filtering out these false positives and consolidating related events into a single alert helps optimize prioritization and response, reduces alert fatigue, and allows you to focus on the most critical threats.
Easily Identifying and Remediating Attack Vectors
Unknown or unusual communication between CPS and external sources often signals potential threats. This system alerts on such communications and automatically defines, tailors, and deploys policies to prevent future violations, effectively eliminating these attack vectors.
Network Protection
Extensive visibility allows automatic mapping and virtual segmentation of networks into Virtual Zones—logical groups of assets that typically communicate with each other. These Virtual Zones enhance threat detection by enabling alerts for cross-zone communication violations and integrating with existing firewall and NAC solutions for policy-based segmentation enforcement.
Threat Detection
Five detection engines automatically profile assets, communications, and processes, establishing a behavioral baseline to distinguish legitimate traffic and filter out false positives. Real-time alerts for known and emerging threats provide highly contextualized timelines, helping prioritize threat remediation and reduce alert fatigue.