Indegy announced a technology integration partnership with ForeScout Technologies where Indegy will extend ForeScout’s network-connected device visibility into operational technology (OT) networks. The joint solution makes Indegy’s visibility, control and security for industrial control system (ICS) assets available in the ForeScout platform for comprehensive intelligence across an organization.
“According to the recent joint DHS/FBI CERT Technical Alert, adversaries have compromised facilities across the US to conduct reconnaissance and develop ‘red button’ capability for future attacks,” said Barak Perelman, CEO of Indegy. “It is imperative that targeted sectors including energy, nuclear, water, and manufacturing significantly increase ICS security. Our partnership with ForeScout closes the OT security gap by providing tightly integrated, centrally managed visibility and control over IT and OT assets in critical infrastructures.”
OT environments lack visibility and security controls. For example, most OT devices do not require authentication, making it difficult to prevent unauthorized access or changes to critical devices whether they are performed via the network or a physical connection. Event logs and historical data may not be available for threat detection and response. Meanwhile, traditional IT security solutions do not cover OT assets for vulnerability and configuration since they are blind to the unique patterns and protocols of ICS traffic. In addition, network-only OT security solutions lack visibility into local maintenance modifications, context of endpoint state during attacks, and current patch levels.
The Indegy/ForeScout integration
The Indegy-ForeScout joint solution bridges the traditional divide between IT and OT by providing a consolidated view of both environments. It provides visibility and management of IT and OT devices across the entire organization. ForeScout’s unique technology using agentless visibility and control is used in Global 2000 enterprises and government agencies and provides comprehensive inventory and device compliance for network-connected devices. Indegy offers deeper visibility into ICS environments including SCADA systems, programmable logic controllers (PLC) and sensors while also enabling incident detection, response and vulnerability/threat mitigation.
Threat Detection Across IT and OT Networks
The Indegy Security Suite identifies threats to OT networks through a combination of behavioral anomalies and policy based rules, and sends real-time alerts to the ForeScout platform. This provides a unified view across IT and OT environments to detect threats, including:
- Reconnaissance activity in OT networks
- Malware propagation across the network
- Unauthorized or abnormal communications
- Unauthorized attempts to read controller configuration, setting or code
- Attempts to change critical controller configuration, code or firmware
The joint solution streamlines compliance monitoring for NIST, NERC, ISO/IEC 27001 and similar frameworks by automating reporting across enterprise IT, IoT and OT environments.