Date: 2018-09-11
Indegy, a leader in industrial
cyber security, today announced an integration partnership with the Open
Information Security Foundation (OISF), the nonprofit organization that
owns and manages Suricata, the world-class network threat detection
engine. The integration will combine Indegy’s patent-pending active
device-based threat detection with Suricata’s open source network threat
intelligence to provide end-to-end protection for operational technology
(OT) environments. The companies will collaborate to make attack
signatures and rules gathered from industrial networks available and
actionable to the broader OT security community for the first time.
Recent attacks such as TRITON, Dragonfly 2.0, and CrashOverride/Industroyer
have demonstrated that today’s Industrial Control Systems (ICS), most of
which are now connected to enterprise IT systems, are no longer isolated
from cyber threats. While open source sharing of threat intelligence on
new attacks and signatures is commonplace in IT, it still does not exist
in the OT world. The integration of the Indegy Industrial Cyber Security
Suite and Suricata both strengthens OT networks and provides industrial
organizations with the ability to access signatures and rules from the
community and operationalize them.
“As a member of the Open Information Security Foundation, we are joining
forces with Suricata to harness the power of open intelligence sharing
for addressing complex threats to OT environments,” said Mille
Gandelsman, Co-founder and CTO of Indegy. “By combining our
patent-pending active ICS device querying technology with the Suricata
threat detection engine, we are providing customers with holistic
protection against lateral attacks that span IT and OT infrastructures.
We will also contribute OT signatures to the security community at
large.”
“We are very excited to welcome Indegy into the OISF consortium,” said
Kelley Misata, Ph.D., Executive Director of the Open Information
Security Foundation (OISF). “Our consortium members are critical to
Suricata’s ongoing success and development. With support from companies
like Indegy, our team can keep Suricata ahead of the growing demands for
stable and robust security technologies.”
Active Device and Network OT Threat Detection
To extend the industry’s first and leading active monitoring technology,
Indegy Device Integrity, the Indegy and Suricata solution
inspects every packet in an OT network against a comprehensive signature
database for attacks or compromised assets. This advanced threat
detection capability spans dozens of categories including suspicious
network behaviors, malware command and control, DoS attacks, botnets,
informational events, exploits, vulnerabilities, network attacks,
exploit kit activity, and more. Organizations can use this intelligence
to implement predefined policies or create custom policies that white
and/or blacklist specific granular activities that may be indicative of
cyber threats or trigger alerts when unintended operational changes
occur.
The Indegy-Suricata solution will provide customers with the following
benefits and capabilities:
- Early warning of reconnaissance activity
- Integrated threat intelligence from a global security ecosystem
- Access to constantly updated signatures from the Suricata community
- Pre-configured rules that provide the best defense for ICS environments
- Automated reporting
Availability
The Indegy Industrial Cyber Security Suite with
Suricata integration will be available in the fourth quarter of this
year from Indegy and its partners worldwide.
About OISF
The Open Information Security Foundation (OISF)
is a non-profit organization created to build community and to support
open source security technologies like Suricata, the world-class IDS/IPS
network monitoring engine. OISF is dedicated to preserving the integrity
of open source security technologies and the communities that keep them
thriving. Our team and community members include world-class security
and non-profit experts, programmers, and industry leaders dedicated to
open source security technologies.
Suricata is a free and open source, mature, fast, and robust network
threat detection engine capable of real time intrusion detection (IDS),
inline intrusion prevention (IPS), network security monitoring (NSM) and
offline packet capture (pcap) processing. Suricata’s fast-paced
community-driven development focuses on security, usability, and
efficiency.
For more information, visit https://oisf.net/.
About Indegy
Indegy, a leader in industrial cyber security,
protects industrial control system (ICS) networks from cyber threats,
malicious insiders and human error. The Indegy Industrial
Cyber Security Suite arms security and operations teams with full
visibility, security and control of ICS activity and threats by
combining hybrid, policy-based monitoring and network anomaly detection
with unique device integrity checks. Indegy solutions are installed in
manufacturing, pharmaceutical, energy, water and other industrial
organizations around the world.
The Indegy Industrial Cyber Security Suite provides comprehensive threat
hunting, automated asset inventory, vulnerability management and
configuration control. The suite of capabilities ties together in an
out-of-the-box deployment resulting in delivery of alerts, audit trails,
automated reports and 3rd party integration with your existing tools.
For more information visit www.indegy.com
and follow us on Twitter and LinkedIn.
