IoT
9/10/2018
11:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SecurityMatters Announces ICS Patrol for Network Visibility, Compliance and Control

SecurityMatters ICS Patrol(TM) advances operational management and cybersecurity for critical infrastructure by providing asset visibility for enterprise-grade deployments.

EINDHOVEN, The Netherlands, Sept. 10, 2018 (GLOBE NEWSWIRE) -- Today, SecurityMatters, a global leader in Industrial Control Systems (ICS) network assessment and protection, announces the introduction of SilentDefense ICS Patrol™. This solution deploys optionally in tandem with SecurityMatters’ award winning product SilentDefense to provide improved asset visibility and operational compliance oversight for both IT and OT cybersecurity stakeholders.
With SecurityMatters ICS Patrol™ the asset owner now gains an unprecedented level of access to the real-time operating status of their environment that was impossible to achieve using a passive solution alone. Carefully driven by the SilentDefense advanced passive monitoring capabilities, this added level of visibility is achieved without any risk to the more delicate assets of the ICS network.
ICS Patrol™ is a powerful extension of SecurityMatters’ platform enabling not only increased visibility, but also advanced proactive capabilities, like threat hunting and compliance testing, making this modular solution the industry’s most advanced and flexible non-intrusive active technology available on the market today.
“We can now offer the customer complete visibility without the risk of impacting operations, regardless of the deployment scenario,” said Damiano Bolzoni, SecurityMatters co-founder and Chief Executive Officer. “Customers will be blown away by the amount of relevant information we’re able to provide them within the asset inventory.”
“For a long time, OT security operators have had blind spots in their operation that a completely passive solution couldn’t satisfy,” said Luca Barba, SecurityMatters Product Marketing Manager. “Additionally, the challenges of managing the rigors of a constantly evolving compliance environment is both time-consuming and costly for them. With ICS Patrol™ we’re able to provide customers with one solution that is dually capable of achieving the highest level of operational and threat intelligence, while also aiding compliance with NERC CIP, NIST CSF, IEC 62443 and more.”
As a separate and optional product, ICS Patrol™ extends the capabilities of SilentDefense to securely, selectively and actively query specific hosts on the ICS network. ICS Patrol™ includes Selective Scanning, a technique that uses targeted, non-intrusive network communications to better identify and dissect asset information, files, vulnerabilities, compliance violations and threats.
SecurityMatters ICS Patrol™ Provides:
  1. Enhanced Asset Visibility – Non-intrusively develop comprehensive inventories that include, but are not limited to, host status, OS Version, manufacturer, software and applications, serial numbers, network user behavior and installed patches. 
  2. Multi-Factor Threat Detection – Effectively enabling real-time search for information like vulnerabilities, active services, dangerous files, and known malicious hashes in a non-intrusive manner.
  3. Maximum Control – Enables better network policy development and monitoring using queries and rules in conjunction with internal operations or industry regulations.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.