Solution Code: GC001
GREYCORTEX offers an advanced Network Traffic Analysis solution for Control/OT networks. Using traditional detection techniques as well as advanced artificial intelligence and machine learning, it detects new and unknown attacks, behavioral anomalies, and misconfigurations for safer and more stable Control/OT networks. Its unique approach to network visibility provides deep and dynamic insight into the network's OT and IT devices, communication matrices, and communications content.
GREYCORTEX's SCADA features complement IT security technologies like firewalls, gateways, identity management, and SIEMs, and fill the gaps in these technologies, decreasing the time and resources necessary to make Control/OT networks more secure and reliable.
Deep visibility into industrial networks and ICS protocols, and dynamic mapping of assets and communications, both of which are vital for OT and IT security teams.
Discovering security and operational anomalies and misconfigurations helps to ensure secure configurations for HW and SW, hardens systems, eliminates risk, and enforces policies.
Easy threat and risk management through correlation of multiple advanced detection techniques like signature-based detection, unsupervised machine learning, and network behavior analysis.
Scalability and Rapid Deployments
Easily scalable and deployable to complex, distributed networks and easy to integrate with other infrastructure like SOC technologies.
GREYCORTEX is focused on serving the needs of the following industries:
- Transmission Grids
- Energy Distribution
- Industry 4.0
- Public Utilities
Easily View Complex Issues
Automated Asset Mapping for Inventory Management
- Quickly discover when new devices, services, subnets, etc. appear in the network, or previously active devices or services stop communicating
- Audit all devices and communications that appear during a user-defined period
Protocol Visibility and Visualization
- Capture full SCADA protocol content for supported protocols including MODBUS, DNP3, IEC 60870-5-104, IEC 61850 (GOOSE, SV, MMS), SNMP, TELNET, CIP, CCLINK, OMRON FINS
- Visualize data channels in real time (control states and control commands)
Scaling & Integration
- Easy scaling with three-tier architecture: sensor -> collector -> central event management
- Integrate quickly with a range of technologies such as SIEMs, firewalls, NAC, or Active Directory
Dynamic and Granular Network Visibility
- Full visibility into both IP and Ethernet traffic
- Visualize the network and its dependencies, and filter assets and communications using parameters like subnetwork, protocol, vendor, and flow direction for any time period
- Build granular communication maps for auditing, hardening, or detecting misconfigurations
- Detect known vulnerability exploits (CVEs), unauthorized SCADA control commands, and policy breaches
- Detect signs of previously hidden malicious and unauthorized behavior and targeted or “zero-day” attacks
- Utilize guided machine learning to detect anomalies in parameters like anomalous data transferred, number of communication partners, or network services used
- Automatic correlation of all other detection methods
Quick Forensics and Troubleshooting
- Easily filter detected events and communications metadata
- Months or years of communication history
- On-demand full packet capture