iSID – industrial threat detection

Additional Info

CompanyRadiflow
Websitehttp://www.radiflow.com
Company size (employees)10 to 49

Overview

iSID is Radiflow’s industrial threat detection solution for the industrial automation networks of manufacturing and other industrial enterprises.

iSID provides proactively cybersecurity for ICS and SCADA systems on OT networks through non-intrusive monitoring of distributed production environments for changes in topology and behavior.

Features Overview
• Automatic learning of topology and operational behavior
• Network traffic analysis based on DPI protocols
• Non-intrusive network operation
• Supervision over configuration changes in PLCs
• Model-based anomaly detection analytics and signature-based detection of known vulnerabilities
• Central-location deployment or local deployment at remote sites

Multiple Security Packages

iSID enables non-disruptive monitoring for changes in network topology and behavior using six security packages, each offering unique capabilities for a specific type of network activity.

Network Visibility – passively scans all OT network traffic and creates a visual network model for all devices, protocols and sessions with alerts upon detected topology changes (e.g. new devices or sessions)

Cyberattack – handles known threats to OT networks, including PLCs, RTUs and industrial protocols, based on data from external research labs and Radiflow’s own research

Policy Monitoring – defines policies for each network link for validating specific commands (e.g. “write to controller”) and operational ranges (e.g. “do not set turbine to above 800 rpm”)

Maintenance Management – limits network exposure during scheduled maintenance by creating work orders for specific devices during set time windows with log reports of all maintenance activities issued upon session completion

Anomaly Detection – creates a behavioral network model using multiple parameters, including device sequence sampling time, frequency of operational values and more, for detecting behavioral anomalies

Operational Behavior – monitors and audits the management of devices (PLC, RTU & IED) at remote sites with alerts for firmware changes or configuration modifications (e.g. software updates or turning edge devices on or off) and activity logging

How we are different

* Structured Cyber-Analysis Processes - iSID creates an automated framework for security analysts and risk managers to plan cybersecurity strategies and execute cybersecurity activities. iSID facilitates manufacturers to overcome existing cybersecurity practices, which generally rely on manual evaluations that are time consuming and not sufficiently responsive to changes in the threat and vulnerability landscape.


* Business-Driven Risk Assessment Tools - Radiflow has been experiencing increasing demand from manufacturing enterprises for the business-driven risk assessment tools recently added to iSID. An example of one of these tools in iSID that is increasingly being used by the company’s manufacturing customers calculates a risk score for each device connected to the OT network and ranks identified vulnerabilities according to the potential impact on the business logic of industrial operations. Another such tool in iSID maps the operational processes of the industrial facility and provides ongoing insight with actionable recommendations for mitigating identified risks. These business-driven tools in iSID automate vulnerability assessment processes and prioritize its risk mitigation activities according to the business operations of the manufacturer.


* OT MSSP Cybersecurity Services - for manufacturing enterprises that do not have the internal resources or know-how to effectively protect their OT networks, Radiflow works closely with its OT MSSP partners to help them implement OT cybersecurity services based on iSID. By hosting iSID in its Cloud environment, an MSSP can provide its manufacturing customers with a range of OT-dedicated cybersecurity services. These services can include monitoring the network and networked assets, detecting and responding to security breach alerts, provisioning software updates and patches, optimizing end user cybersecurity expenditures and more. Many of Radiflow’s OT MSSP partners are leveraging iSID’s business-driven risk assessment tools to offer advanced services that involve mapping business processes and prioritizing OT risk mitigation that reduce the potential for business interruptions.