Cybersecurity Blog: The Cyber Scene is evolving, are you?

New features make compliance and configuration management easier than ever!

Please see links below to view our new Passive Monitoring capabilities sheet:


Industrial Control Systems / Supervisory Control and Data Acquisition (ICS/SCADA) devices monitor and control critical infrastructure, but what tools monitor these systems? Many ICS/SCADA systems were developed and deployed before the evolution of today’s cybersecurity threats. These systems were not designed to interface with modern IT security architecture. Typically they lack local intelligence or security awareness. Most ICS/SCADA systems are protected only by a firewall, leaving OT security operators with little understanding of who or what may be trying to penetrate and breach there systems. Passive monitoring helps fill this ICS visibility gap.

Passive monitoring deploys non-invasive network sensors that capture the communication between SCADA and PLC devices looking for possible threats. These devices listen to network traffic and have a learning capability that captures the typical communication between devices and report out when anomalous activity is detected.

Read more

Palisade® Threat Intelligence Management and Analyst Workflow Platform 3.5 Release

The Leidos product engineering team announces the release of Palisade® 3.5. The latest version of our threat intelligence management platform includes improved search capabilities, an expansion of our API, increased support of STIX™ files and CybOX™ objects, and the ability to automatically extract indicators from a block of text to easily add to your database.

Read more

Monitor asset performance in real-time with new widgets available with Industrial Defender ASM version 6.2

The Industrial Defender ASM has always been more than an event monitoring platform. Now there’s one more reason why this technology is rapidly becoming the de facto solution to monitor, manage and protect ICS assets.

Asset Trends offers operational end-users a new set of widgets to track and trend asset performance. This investigative tools can be used to review a specific set of asset details for a finite span of time. When comparing trends it’s easy to identify anomalies and under-performing asset(s). Further analysis can be done to review the resources on the under-performing asset by spinning up a widget with settings set to compare I/O, memory and disk usage. These widgets display continuous, analog information in both a graph and table format over a selectable time interval using menus of metric categories and associated metric names for display. There are four standard widgets available: CPU usage, memory usage, disk usage and networking.

Read more

Today we are proud to announce that the latest release of the Industrial Defender Automation Systems Manager™ (ASM), version 6.2, is available! Our dedicated product team works along-side existing end-users to continually improve functionality and develop advanced capabilities within this single, unified platform. The Industrial Defender ASM is specifically designed and purpose built to assist asset owners in the task of ensuring the safe and reliable operations of industrial control systems (ICS). 

The 6.2 release addresses features that will assist cybersecurity, compliance and change management requirements for ICS enviornments. The latest version expands ICS operational management capabilities with a new, highly customizable module that tracks ICS asset performance indicators. Additionally ASM v6.2 delivers features and enhancements to assist customers in meeting the rapidly approaching NERC CIP v5 April 2016 start date. The ASM continues to win customers and has become the de-facto standard for operational technology (OT) cybersecurity by automating many of the manual processes required to secure global critical infrastructure operational assets.

Read more

Your single, unified view just got more customizable

Industrial Defender ASM™ is an industry leading solution for automating alerts, tasks and reporting for effective management of the control systems environment. The latest version, version 6.1, boasts some significant changes to the interface home screen. Security, compliance and operations managers have unique daily tasks to monitor and manage within the ICS. Although, we’ve always catered to the needs of these distinct roles we’ve now added customizable dashboards to the home screen to allow users to see unique and relevant sets of data more easily.

New ASM User Interface Widgets and Layout

New Dashboards deliver greater environment visibility and ASM ease of use. Among the UI improvements are the ability to create new dashboards and add custom tiles to dashboards so you can monitor and act on changes in your asset environment. Create customized dashboards based on user profile. Users view changes and anomalies on their dashboard and drill down from widgets and tiles to take view details and take action. Widgets and tiles are self-updating and can be displayed on large screens in control centers.

Other features of this release include:

  • Reports for NERC CIP 5 and the File Repository
  • Contact and Contact Group Management for Notifications
  • Easier and More Intuitive Exceptions over Time Display
  • Work Automation User Interface Offers Greater Visibility
Read more

Industrial control systems compliance owners find project success with Industrial Defender ASM

Leverage ready-to-go NERC CIP, NIST and NEI 08-09 policy libraries along with the Work Automation Suite to automate the collection, storage and  reporting of compliance artifacts for audit requirements.

Effectively meet requirements for compliance programs. As new asset configuration changes and compliance events are detected Compliance managers can use the customizable ASM 6.1 dashboards to monitor continuous compliance. Dashboards help to visualize compliance by key metrics such as deviations from asset configuration baselines, security events to be reviewed and new assets to baseline.

The ASM 6.1 dashboard tiles display real-time asset configuration changes and event monitoring such as authentication events. Charts and graphs provide a range of critical data including reachability and distribution by varying criteria, aggregation of deviations or exceptions of events across your environment, configuration baseline graphs waiting to be promoted and authentication events that track failed login attempts in your ICS environment.

Read more

Industrial control systems security owners find project success with Industrial Defender ASM

Security analysts leverage the Industrial Defender ASM to monitor violations of security policies and safeguards. Security event monitoring across your asset inventory ensures you're aware of important security events and enables decisive action when vulnerabilities and threats are identified.

An analyst logs in to the ASM each day. As new events are detected the dashboard updates with real-time event information for all monitored assets. Dashboard tiles track individual security categories the analyst would like to monitor such as anti-virus, firewall and audit log changes and USB insertions.

Charts and graphs provide additional visualization. They capture event trends over a period of time for an analyst to spot anomalies and display the top 10 event categories for time periods or distribution of events by priority for real-time review. Leverage the customizable dashboards to help refine your secuirty management programs for improve your organization's posture. 

Read more

Industrial control systems operations owners find project success with Industrial Defender ASM

Effective cyber asset management is crucial to operations. Monitoring asset inventory details, health and configurations from a unified, single view platform provides increased effeciency and situational awareness.

An operations manager can effectively use the pre-configured ASM dashboard to monitor the health and welfare of assets.

An operations manager logs in to ASM each day or views the dashboard on a large screen. As new events and asset configuration changes are detected the dashboard updates with the latest information. Tiles across the top of the display track operation events and asset configuration changes that the manager would like to monitor. Charts and graphs provide more detail about aggregation of events across the environment.

  • Real-time asset configuration changes and events indicating resource issues and limitations
  • View CPU and network resource limitations
  • Asset configuration changes
  • Newly discovered assets
  • Charts and graphs provide
    • Reachability and distribution by varying criteria
    • Capture trends over time to detect suspicious anomalies
Read more

Release of ASM 6.0 was a significant milestone for our team and the Industrial Defender ASM solution stack. In a little more than two years from its first release ASM has captured the mindshare of the OT market. With ASM 6.0 we’ve introduced new applications and several key improvements to existing applications. After a successful controlled introduction process we are to happy to announce the general availablity to the market.

Industrial Defender solutions will be the standard across our entire fleet." – Leading US Utility

Read more