Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

5/25/2010
11:55 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NitroSecurity Announces End-To-End NERC CIP Solution

NitroView CIP offers direct monitoring and assessment of cyberassets for electric power industry

PORTSMOUTH, NH--(Marketwire - May 25, 2010) - NitroSecurity, Inc., the leader in high-performance, content-aware security information and event management (SIEM) solutions, today announced NitroView CIP (Critical Infrastructure Protection) and a strategic partnership with leading critical infrastructure protection consulting firm Encari. Available immediately, NitroView CIP is the only integrated solution to offer direct monitoring and assessment of cyber assets to provide both security and compliance to the electric power industry. The solution combines NitroSecurity's full solution portfolio and Encari's expertise in NERC (North American Electric Reliability Corporation) CIP compliance remediation, to address both the need for real-time critical infrastructure security monitoring and to demonstrate compliance against the strict regulatory mandates established by NERC.

Bolstering the defenses that protect our critical infrastructure systems is front and center on the political and business agenda alike. However, ongoing regulatory audits are exposing high levels of risk due to vulnerabilities in systems that were not designed to support granular activity monitoring and security event logging. With the critical nature of these industrial control systems, it is increasingly important to provide dedicated monitoring and protection. At the same time, increasing regulatory pressure from NERC requires an overarching monitoring and assessment process, accelerating the need for a compatible SIEM system.

"With a fully integrated solution consisting of both SIEM and network, database and application security monitoring appliances, NitroSecurity is uniquely capable of solving the security and compliance requirements for critical infrastructure," said Eric D. Knapp, Director of Critical Infrastructure Markets for NitroSecurity. "With the assistance of Encari, we're able to extend the benefits of the NitroView platform to provide a highly focused, total solution for electric power generation, transmission and distribution."

"NERC CIP compliance goes beyond the simplistic report-packs that we see marketed by enterprise-oriented security vendors," said Encari Co-Founder Steven E. Hamburg. "Compliance requires assessment, remediation and ongoing sustainability. NitroSecurity's technology, paired with Encari's NERC CIP compliance expertise maximizes assurance of a successful initial implementation and provides a NERC CIP SIEM compliance roadmap for all NitroSecurity electric utility customers."

NitroView CIP monitors and alerts on control systems and cyber assets in real-time, producing a clear audit trail of how critical assets are used, and identifying those systems that are at risk --including passively monitoring the network and generating logs for assets that do not produce them natively. NitroView appliances are non-obtrusive and can drop into existing networks -- with no interruption of operations or impact to performance or reliability. Doing so enables critical infrastructure providers to:

* Monitor networks and assets for anomalies that could indicate threats * Inspect SCADA (Supervisory Control and Data Acquisition) and DCS (Distributed Control Systems) protocols including modbus, DNP3, ICCP and OPC * Generate auditable security logs for all monitored assets and applications * Simplify log reviews with built-in dashboards and reports for NERC CIP * Investigate threats in real-time to support rapid-response and recovery

NitroSecurity's roots in the Idaho National Labs, an applied engineering laboratory dedicated to supporting the U.S. Department of Energy, means that NitroSecurity understands the networks, protocols and applications of SCADA and DCS. This makes NitroView CIP suitable for deployment in a wide range of industrial systems, including electricity, water, gas and other critical infrastructures defined by Homeland Security Presidential Directive 7 (HSPD-7).

NitroSecurity's origins have also provided the company with unique advantages in performance and scalability, based upon patented high-speed data management technologies that allow NitroView to operate as a fully responsive component of incident response plans and real-time security operations centers.

"Other SIEMs simply aren't designed for rapid-response," added Knapp. "Response times measured in hours can sometimes be acceptable for certain compliance reporting functions, but when it comes to minimizing risk, reaction time is paramount. Within the context of critical infrastructure protection, a rapid response capability is mandatory... there's simply too much at stake to wait hours for your security platform to catch up."

NitroView CIP is available immediately. Pricing starts at $75,000 and includes products and initial NERC CIP compliance assessment and implementation services. NitroView CIP appliances are Common Criteria EAL3 certified and FIPS 140-2 Level 2 validated.

About Encari Encari is a leading provider of consulting services to assist owners and managers of critical infrastructure in honoring their commitment to safety and reliability. Encari achieves these objectives by protecting the cyber assets that help manage critical infrastructure and by assisting with all aspects of information security and regulatory compliance objectives. Encari provides services for a variety of critical infrastructures, such as Responsible Entities subject to National Nuclear Security Administration (NNSA) and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection Reliability Standards compliance and process control systems security.

About NitroSecurity NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 500 organizations in the energy, healthcare, education, financial services, government, retail, hospitality and managed services industries. For more information, please visit http://www.nitrosecurity.com.

Meghan Rozanski

CHEN PR

781.672.3128

[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...