Tripwire logo

Tripwire Industrial Visibility

Tripwire Industrial Visibility – is a comprehensive set of tools to protect industrial networks, in combination with Hirschmann firewalls provides maximum cybersecurity. Real-time protection reduces threat detection time, deep visibility into the state of the security system, supports integration between IT and OT security. Analyzes ICS network communication, protocols, and behaviors. collect and report detailed information on resources across industrial networks. Profiles all communication between devices, detects anomalies, creates virtual zones, and detects threats.

Mapnetwork

Network mapping

Learning mode isolates each resource on the network and maps the flow of traffic between them.

Segmanetacja

Network segmentation

Segment OT networks into Virtual Zones, which are logical resource groups and communicate with each other under normal conditions.

Blok

Block an attack vector

Threat modeling shows you how to protect the most sensitive resources.

Automate

Security check

Change management and event logging capture deviations from accepted standards.

Tripwire Industrial Visibility Integration Structure in IT Networks – OT

Tripwire IT OT
Tripwire 1

Network mapping

AppDB’s active, passive scanning technology provides full visibility into the industrial network for effective risk assessment and reduction in OT environments.

  • Resources – detects all devices on OT networks, including serial networks, as well as extensive attributes for each device
  • Network sessions – detects all OT network sessions and their bandwidth, actions taken, changes made and other relevant details
  • Operational processes – detects all OT operations and the code section and tag values of all processes related to OT resources

Tripwire 2

Network segmentation

Segment OT networks into Virtual Zones, which are logical resource groups and communicate with each other under normal conditions.

  • Violations that exceed zones generate real-time alerts and are automatically assessed based on risk.
  • Networks without existing physical or logical segmentation can use Virtual Zones as an alternative
  • Use as a planner to implement physical or logical network segmentation
  • Integrate existing NAC firewalls and solutions to actively enforce policy-based segmentation and mitigate active attacks

Tripwire 3

Fallow detection

The five detection engines to provide full monitoring of OT security and integrity events for efficient and effective threat detection are further enhanced by real-time threat information updates via the Tripwire cloud.

Detection engines include:

  • Anomaly detection – identifies changes in communication patterns
  • Security Behaviors – Identify enemy techniques used in attacks on IT and OT networks
  • Known hazards – identification of IoCs using SNORT and YARA Rule engines
  • Operational behaviors – identifies OT operations, such as firmware updates
  • Custom rules that identify user-defined events

NIST20Framework Five20Functions

Vulnerability Audit

Tripwire compares each resource in the OT environment with an extensive database of unsecured protocols, configurations, and other vulnerabilities tracked by Tripwire, as well as the latest CVE data. As a result, customers can better identify, prioritize, and correct vulnerabilities.

  • Vulnerability Detection
  • Attack Vector Mapping – Identifies and analyzes all vulnerabilities and threats in the OT environment to calculate the most likely scenarios in which an attacker could compromise the environment
  • Risk-based prioritisation – all gaps are assessed on the basis of the unique risks they pose, enabling more efficient and effective prioritisation

Tripwire Industrial Visibility implete structure in the industrial network

Tripwire Industrial Visibility

  • Tripwire 4
  • Tripwire 5
  • Tripwire 6
  • Tripwire 7

#Tripwire Industrial Visibility