GREYCORTEX offers an advanced Network Traffic Analysis solution for Control/OT networks. Using traditional detection techniques as well as advanced artificial intelligence and machine learning, it detects new and unknown attacks, behavioral anomalies, and misconfigurations for safer and more stable Control/OT networks. Its unique approach to network visibility provides deep and dynamic insight into the network's OT and IT devices, communication matrices, and communications content.
GREYCORTEX's SCADA features complement IT security technologies like firewalls, gateways, identity management, and SIEMs, and fill the gaps in these technologies, decreasing the time and resources necessary to make Control/OT networks more secure and reliable.
Unique Visibility
Deep visibility into industrial networks and ICS protocols, and dynamic mapping of assets and communications, both of which are vital for OT and IT security teams.
Anomaly Detection
Discovering security and operational anomalies and misconfigurations helps to ensure secure configurations for HW and SW, hardens systems, eliminates risk, and enforces policies.
Threat Detection
Easy threat and risk management through correlation of multiple advanced detection techniques like signature-based detection, unsupervised machine learning, and network behavior analysis.
Scalability and Rapid Deployments
Easily scalable and deployable to complex, distributed networks and easy to integrate with other infrastructure like SOC technologies.
GREYCORTEX is focused on serving the needs of the following industries:
Transmission Grids
Energy Distribution
Industry 4.0
Public Utilities
Easily View Complex Issues
Automated Asset Mapping for Inventory Management
Quickly discover when new devices, services, subnets, etc. appear in the network, or previously active devices or services stop communicating
Audit all devices and communications that appear during a user-defined period
Protocol Visibility and Visualization
Capture full SCADA protocol content for supported protocols including MODBUS, DNP3, IEC 60870-5-104, IEC 61850 (GOOSE, SV, MMS), SNMP, TELNET, CIP, CCLINK, OMRON FINS
Visualize data channels in real time (control states and control commands)
Scaling & Integration
Easy scaling with a three-tier architecture: sensor -> collector -> central event management
Integrate quickly with a range of technologies such as SIEMs, firewalls, NAC, or Active Directory
Dynamic and Granular Network Visibility
Full visibility into both IP and Ethernet traffic
Visualize the network and its dependencies, and filter assets and communications using parameters like subnetwork, protocol, vendor, and flow direction for any time period
Build granular communication maps for auditing, hardening, or detecting misconfigurations
Signature-Based Detection
Detect known vulnerability exploits (CVEs), unauthorized SCADA control commands, and policy breaches
Behavior Analytics
Detect signs of previously hidden malicious and unauthorized behavior and targeted or “zero-day” attacks
Utilize guided machine learning to detect anomalies in parameters like data transferred, number of communication partners, or network services used
Automatic correlation of all other detection methods
Quick Forensics and Troubleshooting
Easily filter detected events and communications metadata