SecurityMatters released SilentDefense 3.11, which offers a dedicated solution for monitoring Building Automation Systems networks.
The advantages provided by SilentDefense 3.11 include: New capabilities and controls to quickly respond to emerging threats and cyber campaigns; new platform integrations and remote management capabilities through SilentDefense’s new REST API and built-in Splunk integration, and unprecedented network visibility and threat detection capabilities for Smart Building managers and engineers.
Some of the new features and extended support that SilentDefense 3.11 will provide to users include:
• REST API: A comprehensive, REST API that enables quick and easy integration with third-party partner platforms and the exchange of asset information, vulnerabilities, alerts, SilentDefense health status indicators, and the seamless distribution of new signatures and checks
• Network map views: Customizable and sharable network map views that allow users to perform parallel fine-grained visualizations and investigations of networks or threats (e.g. view per plant, system downtime view, malware view, etc.). Map views can be printed as PNG files for offline analysis and reporting.
• Investigation of network changes: A brand new visual threat scenario for an intuitive visualization of network changes on the interactive network map, to quickly determine new hosts and conduits
• Industrial Threat Library: New Industrial Threat Library checks for TLS/SSL certificates, SSL client applications, and expandable IP blacklists with over 1500 pre-configured “bad” IPs (e.g. known C&C servers and Tor exit nodes), allowing to quickly identify new malware and threats
• Extended protocol support: Support for additional OT protocols including Schneider Electric extensions for Modbus/TCP (Unity), ABB PN800 (Symphony/Harmony systems), Beckhoff ADS/AMS, CygNet SCADA and Profinet RPC
• Splunk integration: Pre-configured Splunk alert and log forwarders that allow instant integration with the official SilentDefense App
• Building Automation Systems monitoring: A new, dedicated solution that allows to visualize and analyze Building automation network assets, protocols and threats.