- Company (that provides the nominated product / solution / service): Indegy
- Website: http://www.indegy.com/
- Company size (employees): 30
- Country: Israel
- Type of solution: Hybrid
- Approximate number of users worldwide: 15
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
The need for ICS visibility and security is growing, as recent attacks such as the Ukranian electric utility, the New York City dam, and the water treatment plant that Verizon codenamed the Kemuri Water Company. By detecting unauthorized access and logic changes made to process controllers, like PLCs, RTUs, and DCS used to manage the lifecycle of industrial processes, Indegy uniquely provides advanced protection against cyber attacks, insider threats, and human error.
In less than a year from emerging from stealth, Indegy has already received industry recognition for its innovations in industrial cyber security. Indegy won Best Next Gen ICS/SCADA Security Solution from Cyber Defense Magazine, was the 2016 TiE50 Winner, one of the 10 Most Promising Cyber Security Startups by Forbes Israel, and named a Network World Hot Security Startup to Watch.
The Indegy team combines a unique mix of cyber-security expertise with hands-on industrial control knowledge. The company’s leadership and R&D team consists of veterans from the elite IDF cyber security units. The company has developed first-ever industrial cyber security advancements, including Control Network Inspection (CNI) technology that monitors all network activity, including proprietary control-layer commands, to provide unique real-time visibility into critical controller logic changes. Indegy has patents pending on its Agentless Controller Verification (ACV) technology that eliminates operational blind spots by detecting changes to controllers regardless of whether they are performed via the network or physically on the device.
Indegy has developed cutting-edge cyber security technology to protect Industrial Control Systems (ICS)/SCADA used in critical infrastructures – in energy, water utilities, petrochemical plants, manufacturing facilities, etc. The Indegy Industrial Cyber Security Platform provides real-time situational awareness and visibility into the critical control-layer of Operational Technology (OT) networks to identify threats that place the safety, reliability and cybersecurity of Industrial Control Systems (ICS) at risk.
While easy to attack, ICS systems are quite difficult to defend. The OT networks that underpin ICS lack the cybersecurity safeguards including authentication and encryption controls inherent in IT networks. Many are only protected by “Air Gaps”, which are nearly meaningless today’s Internet-connected environment. ICS devices and applications are rarely patched due to concerns over interruptions in service. Further, the control plane communication protocols are not simple proxies between HMI/SCADA and I/Os but contain logic, configuration and firmware that engineering uses to run operations. These protocols are proprietary, vendor-specific, and largely undocumented.
Indegy has innovated the first ever cyber security platform with comprehensive visibility into the critical and proprietary control-plane of OT networks.
Indegy’s non-intrusive, agentless, deep-inspection technology captures all proprietary, vendor-specific control-plane activity, including changes or anomalies in controller state, logic, configuration settings, firmware uploads/downloads, etc. It detects all ICS changes, regardless of whether they are performed over the network and directly on physical devices, to eliminate cyber security blind spots. Indegy also provides a comprehensive audit trail for this activity, which is currently unavailable to OT administrators. In this way, Indegy provides ICS engineers and security staff with real-time situational awareness, visibility and security that not only protects OT networks, but enables engineers and security personnel to quickly respond to threats in their critical ICS infrastructures to prevent operational disruptions and physical damage.