Forescout Technologies, Inc. today announced the expansion of its security partnership ecosystem to create a cohesive infrastructure for monitoring and mitigating threats and emerging risks across IT and operational technology (OT) environments. According to the company’s announcement, Forescout’s expanded partnerships and integrations with Splunk, CrowdStrike and CyberArk enable joint customers to bridge security gaps and strengthen the cyber-physical risk posture across the entire network, while maintaining operational integrity of critical systems.
“Industrial Cyber security vendors and solution providers are placing an emphasis on IT/OT integration and rightly so,” said Jonathon Gordon, Directing Analyst at Takepoint Research. “As the industry evolves beyond asset visibility, the integration of IT/OT cyber security – People, Processes and Technology – becomes a true enabler for enhancing the security posture of industrial companies.”
“Organizations with complicated networks struggle with outdated methods of managing industrial control system (ICS) and OT assets across their infrastructure,” said Pedro Abreu, chief product and strategy officer, Forescout. “Forescout’s integrations with industry-leading technologies from Splunk, CrowdStrike and CyberArk deliver cohesive and contextual insights of all assets, improve operational integrity and manage associated security threats down to the device level.”
Security Partnership Expansion
Splunk – Direct OT Integration Reduces Mean Time to Recovery
As IT and OT networks continue to expand, security operations teams can now leverage a new Forescout and Splunk integration to actively defend their organization across all device types and network tiers. The new Forescout OT Network Security Monitoring for Splunk App integrates Forescout eyeInspect with Splunk Enterprise and Splunk Enterprise Security. The app consolidates contextual device data and alerts into pre-built dashboards and prioritizes security and operational alerts to defend OT and ICS networks against operational failures and cyberattacks, such as Ripple20, EKANS, WannaCry, NotPetya and TRITON. In addition, the full Forescout and Splunk security partnership and integration enables organizations to streamline enterprise security across the entire threat lifecycle. This Forescout app will also support the new OT Security Add-on for Splunk, which accelerates time to insight with structured data models that make it easy to correlate OT data from various sources. The integration of Forescout and Splunk helps eliminate the need for manual, ad-hoc workarounds to combine IT and OT data and accelerates reduction of the risk of both downtime and security breaches.
CrowdStrike – Expanded ICS/OT Threat Detection and Response
Forescout’s expanded partnership with CrowdStrike now includes the eyeInspect OT solution for joint threat hunting in IoT and ICS/OT infrastructure. Delivered through the Forescout eyeExtend module, this enhanced integration with the CrowdStrike Falcon platform ensures customers receive the most comprehensive threat intelligence data across enterprise networks and critical infrastructure. CrowdStrike’s Falcon platform correlates 4 trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security. Together, Forescout and CrowdStrike enable organizations to make informed, data-backed security decisions by leveraging Forescout’s automated network-level control and Zero Trust segmentation in response to detected threats.
CyberArk – Industry’s First IoT and OT Credential Discovery and Threat Monitoring
The Forescout platform now integrates Forescout eyeInspect device intelligence with the CyberArk Privileged Access Security Solution to centrally discover, manage and secure privileged accounts across a broader range of devices common to IoT, OT and ICS environments. Additionally, Forescout’s privileged account discovery capabilities have been augmented beyond Windows to now include Mac and Linux endpoints. The integration also empowers organizations to automatically segment and enforce credential and user compliance. This is critical for organizations that need to preserve the continuity and accountability of their systems. The integration includes IoT/OT/ICS orchestrated workflows between CyberArk and Forescout to reduce manual workloads and rapidly respond to threats without operational disruption.