Cybersplice enables rapid visibility of cyber-physical exposures in Operational Technology networks
Cybersplice enables rapid visibility into cyber-physical exposures on Operational Technology networks. This service requires no hardware deployment and is enabled by forwarding metadata of communications using built in switch capabilities to Cybersplice for analysis and profiling. Alternatively, if the OT network underlay infrastructure does not support metadata export, a low cost Cybersplice cloak can be used to extract the required metadata from a network tap.
Download the brochure here.
|
Rapid visibility Cybersplice acts as a flight recorder for OT communications, bringing visibility down to the infrastructure level. |
|
Behavioral profiling Leverage the near-deterministic nature of OT traffic to identify attacker behavior and unauthorized changes to the network or nodes. |
|
Forensic audit trail Cybersplice keeps a record of metadata for up to a year, the backbone for a timely incident response capability. |
|
Network Visualizations Visualize and understand OT network traffic using the Cybersplice Untangle engine. |
|
Outlier detection Cybersplice uses AI to identify anomalies in device to device communication, and to detect compromised devices and command-and-control back channels. |
|
Three steps to get started Follow simple guided three step setup instructions to get going. |
|
Cybersplice cloud security |
To facilitate the visibility required during Cyber-physical exposure assessments, Splice zero-touch or rapid deployment options are leveraged. Follow these three steps to get started:
|
Step 1 |
|
Contact Cybersplice or one of our partners to confirm eligibility. Provide us with the required contact details and IP address from which Cybersplice cloud will accept the metadata and allow connections to the console. |
|
Step 2 |
|
Forward your flow records from the OT infrastructure systems (switches) through to Cybersplice cloud (remember to allow this one way outgoing traffic through your corporate and/or infrastructure firewalls). |
|
Step 3 |
|
Log in to Cybersplice cloud and tag subnets and OT devices as they are discovered by the passive metadata feed. Visualize and monitor your OT network. Cybersplice automatically identifies behaviors, outliers, assets and services. |
* For the companion cloak option, there is an additional step to ship, drop and activate the feed.
Cybersplice and our partners can advise on how to enable export of flow records. We also offer a bi-weekly feedback session to assist customers with queries and advise on mitigations for avoidable exposures.
