SCADAfence partners with Demisto to extend automated incident response to OT networks

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

SCADAfence is partnering with Demisto to enable industrial organizations to respond to the threats that spread from IT to OT networks. With the integration of SCADAfence’s Continuous Network Monitoring (CNM) solution with Demisto’s Enterprise platform, security managers can assess their exposure to cyberattacks that move laterally from IT to OT. As a result, they can respond and mitigate ongoing incidents that threaten their operational availability.

For example, if a ransomware attack, such as the infamous WannaCry or NotPetya, occurs in the IT network, organizations can identify their exposed OT assets and mitigate the risks before further infection takes place.

Benefits of the SCADAfence-Demisto joint offering:

  • Leveraging SCADAfence CNM’s analytics and understanding of the characteristics of OT networks to assess exposure of OT operations to threats identified in IT networks, such as malware and ransomware.
  • Enabling the Demisto Enterprise platform to extend security orchestration and automation capabilities to OT networks, enabling incident management and policy enforcement across the IT/OT enterprise.

Cybersecurity events involving industrial operations and critical infrastructures are becoming more commonplace. As OT networks require increased connectivity to IT networks and to the Internet as a whole, air-gapping is no longer a viable option.

OT networks are now threatened by IT-originated attacks that spread to affect production lines. The potential damage to compromised OT networks is substantial – including sabotaging of goods and production stoppages – causing financial and reputational damage.

“We receive numerous requests from customers to gain visibility and control of the security in the OT networks, and we welcome SCADAfence as our partner to close this gap,” said Dan Sarel, Demisto’s Co-founder and Vice President of Products. “We can now offer a solution that unifies security incident handling across IT and OT networks, protecting critical production processes.”

“The partnership will enable our customers to leverage the power of Demisto’s Enterprise platform and benefit from integration with a wide range of security tools – to enforce the security policy according to the actions recommended by SCADAfence CNM’s monitoring and alerting functions,” concluded Tom Thirer, SCADAfence’s Vice President of Product Management.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.