Security provider, Radiflow, added dynamic vulnerability assessment scoring capabilities in the new release of its iSID industrial threat detection solution.
The current practices for risk assessments and security remediations employed by industrial enterprises and critical infrastructure operators generally rely on manual evaluations and follow unstructured processes. These processes are often time consuming and are not sufficiently responsive to changes in the threat and vulnerability landscape.
In this new version of the iSID industrial threat detection solution, version 5.3, Radiflow added a dedicated risk analytics module that automates vulnerability mapping and assessment processes. This risk analytics module dynamically evaluates vulnerabilities according to the classification of attacker profiles and defense strategies for protecting specific functionalities and operational processes.
Based on the attacker models and defined defense strategies, iSID dynamically calculates a risk and exploitability score for each device on the OT network and the most critical attack vectors using these scores. These scoring and mapping capabilities add value to the cybersecurity efforts of industrial enterprises as security analysts and risk managers can prioritize workloads to remedy vulnerabilities based on the specific context of their OT networks and impact on the business operations of the organization.
“There is a significant difference in the risk prioritization between a vulnerability that threatens to shut down the furnace in a steel production facility and a vulnerability that potentially compromises the lighting in the lobby of the plant, although until now there have been no effective methods for OT network operators to weigh differently such vulnerabilities,” said Ilan Barda, Radiflow chief executive. “These new automated risk modeling capabilities are major enhancements that will allow operations teams to prioritize their risk mitigation activities, while clearly differentiating the strengths of our technology and elevating the value of our offering beyond visibility and monitoring.”
For more information on Radiflow’s new approach to risk modeling on OT networks, click here to register to download “What’s Your Next Move? Optimizing OT Security Through Automatic Attacker Evaluation.”