CyberX announced a new technology integration with CyberArk to provide secure remote access for critical industrial networks. CyberX is also a new member of the C3 Alliance, CyberArk’s global technology partner program.
CyberX is a specialist in ICS and IIoT security with deployments across energy & utilities, oil & gas, manufacturing, pharmaceuticals, chemicals, nuclear and water. Since 2013, the company has leveraged its passive monitoring and proprietary Network Traffic Analysis (NTA) algorithms to assess ICS risk for more than 375 production ICS networks worldwide. Purpose-built for ICS security and developed by military cyber experts with nation-state experience defending critical infrastructure, the CyberX platform is designed to deliver continuous ICS threat monitoring and asset discovery, ICS threat intelligence, and non-invasive risk and vulnerability assessments.
The CyberArk solution offers a range of capabilities for securing privileged credentials and controlling remote access to critical assets such as SCADA workstations and Human Machine Interfaces (HMIs). The integration of CyberX’s continuous ICS monitoring platform with the CyberArk Privileged Account Security Solution is intended to enable industrial organizations to:
- Receive real-time alerts whenever CyberX detects remote sessions on the ICS network that were not authorized by the CyberArk solution. Additionally, the CyberX platform incorporates ICS-specific behavioral analytics and self-learning to immediately detect anomalous behavior indicating a potential breach of the OT network
- Continuously monitor and audit privileged user sessions in the CyberX console, including which ICS devices are being accessed and whether the session is being recorded by CyberArk
- Perform incident response, threat hunting and threat modeling around remote access. To enable rapid breach response, SOC analysts can now query the CyberX event timeline to identify all remote sessions based on forensic details such as which remote access protocols were used (SSH, RDP, etc.) and whether sessions were authorized by CyberArk. Additionally, they can leverage CyberX’s automated threat modeling capability to proactively identify and secure multi-step attack chains that incorporate remote access connections to compromise critical assets
The CyberArk Privileged Account Security Solution is a solution designed to protect, monitor, alert and respond to privileged account-related risk. The platform offers a range of capabilities including the ability to secure and control access to privileged credentials and secrets based on policy; isolate, monitor and record privileged sessions; respond to anomalous privileged activity and halt in-progress attacks, and enforce least-privileged policies across all endpoints.