Industrial cybersecurity platform developer CyberX announced it’s Industrial Control System (ICS) Incident Manager application has been certified for the ServiceNow Store.
ServiceNow is a cloud computing software-as-a-service company that offers digital workflow solutions. The company’s store provides enterprise workflow apps from independent software vendors that complement and extend ServiceNow.
ServiceNow certification is only granted to apps that have successfully completed a set of defined tests focused on Now Platform security, compatibility, performance, and integration interoperability. The certification also ensures that CyberX met a set of prescribed standards when designing and implementing the ICS Incident Manager with ServiceNow.
CyberX’s industrial cybersecurity platform helps to defend critical national infrastructure by reducing ICS risk and preventing costly production outages, safety failures, and environmental incidents. The IIoT and ICS security company’s software monitors networks for wayward traffic and poorly behaving devices instead of securing devices individually. The agentless, non-intrusive platform enables customers to auto-discover their Operational Technology (OT) assets and network topology, identify critical OT vulnerabilities and attack vectors, and continuously monitor their OT networks for destructive cyberattacks
By integrating with ServiceNow, CyberX will be able to more quickly resolve OT security incidents and give analysts greater visibility into OT assets, protocols, malware, and targeted attacks. The integrated incident manager also helps to reduce the overhead of managing information about real-time alerts from diverse OT automation equipment in plants and facilities worldwide.
“This integration marks a milestone in our commitment to integrate OT security with the world’s best SOC and IT security solutions in order to reduce risk, leverage existing SOC workflows, and break down silos between IT and OT teams,” Buck Watia, VP of Alliances and Business Development at CyberX said in a release.
According to the release, the key benefit of the CyberX/ServiceNow integration is that it provides SOC analysts with deep visibility into OT assets and threats, including:
- A unified view of ICS security alerts, classified according to CyberX’s five distinct analytics engines: behavioral anomalies (policy violations), protocol violations, known malware, unusual M2M communications, and operational anomalies
- The specific protocol involved in the alert (Modbus, DNP3, SMB, etc.)
- The location of the affected equipment
- The source and destination IP address of the threat
- The severity and priority level of the alert