The Heart of Our Technology

SCADAfence Platform offers a wide range of cutting-edge capabilities built from the ground up to monitor large-scale complex OT networks.
Asset Discovery

Monitor Tens of Thousands of Assets

SCADAfence Platform has no limit to the number of assets supported by our detection engines and the user interface can display information on tens of thousands of assets and sessions. Unlike the Purdue model, our network map has been purposely designed to easily display a very large amount of assets, with several levels of drill-down into each asset’s relevant and detailed information. SCADAfence’s automatic asset discovery provides a rich set of details, including, model number, firmware version and potential risks.

Packet Processing

High-Performance, 100% Packet Processing Engine

SCADAfence Platform never misses a packet. Its optimized core and best-in-class packet processing speed provides outstanding security coverage for your network. Unlike other industry solutions, no traffic filtering and no traffic sampling are applied. Therefore, everything is continuously inspected – down to the last bit. The SCADAfence Platform was designed to scale – so there is no limit to the number of communication sessions monitored in parallel.

Threat Detection

Holistic Operational Alerts and Network Health

A holistic view, includes cyber security and operational status. The system tracks many metrics, including service malfunctions, traffic latency, asset malfunctions that are often due to human error, and PLC errors and their exceptions.

Industrial DPI

Deep Packet Inspection

SCADAfence Platform performs full, deep packet inspection for both IT and OT protocols. The SCADAfence research team is dedicated to maintaining up-to-date knowledge of industrial protocols in their various versions, as well as vendor-specific customizations. SCADAfence maintains a world-class industrial lab, built by a team that specializes in the design and construction of state-of-the-art plants and operational networks. The lab runs equipment that includes many types of PLCs, HMIs, vendor-specific engineering software, protocol converters, and I/O modules.

Dynamic Baseline

Dynamic Baseline Technology

SCADAfence Platform learns the behavior of your specific network, and then detects deviations from the baseline behavior. The system avoids the use of hard-coded parameters that may not be a good fit for your network – either too tight, resulting in false positives, or too loose, allowing illegitimate behavior. Instead, behavioral baselines are automatically learned and configured by network behavior parameters such as noise levels and event types. SCADAfence Platform learning capabilities are granular in nature, adjusting learning methodologies per host and per behavior type.

Anomaly Detection

Network Behavior Analytics

SCADAfence employs powerful pattern detection techniques in order to detect a wide variety of cyber attacks and other malicious behaviors. The system applies knowledge of best practices in industrial networks, raising alerts when network parameters exceed normal bounds. Our analytics allow you to apply user-defined rules to enforce company security policies, as well as fine-grained tuning with industry best-practice.

Easy Integration

Ease of Integration

As a leading open-system developer, SCADAfence supports many industry-standard inbound and outbound APIs, allowing our Platform to easily work with a wide range of systems, including threat intelligence feeds and signature-based repositories. SCADAfence Platform’s easy integration facilitates external control, provides a complete picture of any attack, and enables quick, efficient incident response. It also supports the addition of optional prevention capabilities (such as enforcement/NAC/blocking).

Monitor Tens of Thousands of Assets

Mask group(1)

SCADAfence Platform has no limit to the number of assets supported by our detection engines and the user interface can display information on tens of thousands of assets and sessions. Unlike the Purdue model, our network map has been purposely designed to easily display a very large amount of assets, with several levels of drill-down into each asset’s relevant and detailed information. SCADAfence’s automatic asset discovery provides a rich set of details, including, model number, firmware version and potential risks.

High-Performance, 100% Packet Processing Engine

Mask group(2)

SCADAfence Platform never misses a packet. Its optimized core and best-in-class packet processing speed provides outstanding security coverage for your network. Unlike other industry solutions, no traffic filtering and no traffic sampling are applied. Therefore, everything is continuously inspected – down to the last bit. The SCADAfence Platform was designed to scale – so there is no limit to the number of communication sessions monitored in parallel.

Holistic Operational Alerts and Network Health

Mask group(3)

A holistic view, includes cyber security and operational status. The system tracks many metrics, including service malfunctions, traffic latency, asset malfunctions that are often due to human error, and PLC errors and their exceptions.

Deep Packet Inspection

Mask group(4)

SCADAfence Platform performs full, deep packet inspection for both IT and OT protocols. The SCADAfence research team is dedicated to maintaining up-to-date knowledge of industrial protocols in their various versions, as well as vendor-specific customizations. SCADAfence maintains a world-class industrial lab, built by a team that specializes in the design and construction of state-of-the-art plants and operational networks. The lab runs equipment that includes many types of PLCs, HMIs, vendor-specific engineering software, protocol converters, and I/O modules.

Dynamic Baseline Technology

Mask group(5)

SCADAfence Platform learns the behavior of your specific network, and then detects deviations from the baseline behavior. The system avoids the use of hard-coded parameters that may not be a good fit for your network – either too tight, resulting in false positives, or too loose, allowing illegitimate behavior. Instead, behavioral baselines are automatically learned and configured by network behavior parameters such as noise levels and event types. SCADAfence Platform learning capabilities are granular in nature, adjusting learning methodologies per host and per behavior type.

Network Behavior Analytics

Mask group(7)

SCADAfence employs powerful pattern detection techniques in order to detect a wide variety of cyber attacks and other malicious behaviors. The system applies knowledge of best practices in industrial networks, raising alerts when network parameters exceed normal bounds. Our analytics allow you to apply user-defined rules to enforce company security policies, as well as fine-grained tuning with industry best-practice.

Ease of Integration

Mask group(8)

As a leading open-system developer, SCADAfence supports many industry-standard inbound and outbound APIs, allowing our Platform to easily work with a wide range of systems, including threat intelligence feeds and signature-based repositories. SCADAfence Platform’s easy integration facilitates external control, provides a complete picture of any attack, and enables quick, efficient incident response. It also supports the addition of optional prevention capabilities (such as enforcement/NAC/blocking).

More About
Our Platform