Indegy, a leader in industrial cyber security, today announced the integration between its Indegy Industrial Cybersecurity Suite and IBM’s QRadar Security Intelligence Platform, which bridges the visibility gap between enterprise information technology (IT) environments and industrial, operational technology (OT) environments.
Recent attacks such as TRITON, Dragonfly 2.0, and CrashOverride/Industroyer have shown that today’s Industrial Control Systems (ICS), many of which are now connected to enterprise IT systems, are no longer isolated from cyber threats. Meanwhile, traditional IT security solutions are unable to monitor the specialized systems used in OT environments to identify risks. The combination of the Indegy Industrial Cybersecurity Suite and IBM QRadar provides the deep visibility, security and control required to close the blind spot between enterprise IT and industrial ICS networks.
The Indegy Industrial Cybersecurity Suite, which parses OT events and converts them to a standard taxonomy format that can be displayed through the QRadar interface, is available now on IBM Security App Exchange. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime.
“IBM QRadar is trusted by thousands of enterprises to monitor cyber security threats in their IT environments,” said Barak Perelman, Co-founder and CEO of Indegy. “By combining our unmatched visibility into both industrial network and device-level activity with IBM QRadar, we are providing customers with holistic protection that spans their IT/OT infrastructures and can detect threats that attempt to move laterally between them.”
Closing the IT/OT Visibility Gap
The Indegy Industrial Cybersecurity Suite is purpose-built to provide real-time situational awareness and visibility into ICS networks. It combines behavioral anomaly detection with policy-based rules for comprehensive threat detection and mitigation, and unique visibility into the asset inventory. Industrial facilities, including critical infrastructures, utilities, water, energy, pharmaceutical and manufacturing organizations, use Indegy to automate operational oversight processes, identify human errors such as misconfigurations and failed maintenance, and protect against malware, cyber attacks, and insider threats.
The IBM QRadar Security Intelligence Platform integrates security information and event management (SIEM), log management, anomaly detection, network analysis, user behavior analytics and vulnerability management to analyze data in real time across an organization’s enterprise IT infrastructure to detect and prioritize potential security threats.
The combined Indegy-IBM solution provides joint customers the following benefits and capabilities:
- Visibility across IT and OT environments
- Behavioral and advanced heuristics
- Policy-based controls
- Identification of vulnerabilities
- Complete and real-time device inventory
- Asset tracking
- Proactive security and compliance reporting