Vulnerability tracking, patching and threat intel: A legacy approach
Most current ICS security technology typically focusses on “reactive defense against known threats with limited capabilities to detect threats based on behavior rather than pre-defined indicators.”
Many advisories for ICS devices have no practical mitigation advice, and over a fifth of reported CVEs do not even include a patch. Most vulnerability management workflows are a process of diminishing returns.
Darktrace: A self-learning approach
Darktrace provides continuous detection, full visibility, actionable insights, and, where appropriate, autonomous response for diverse and complex ICS ecosystems.
Rather than relying on pre-defined IoCs or external threat feeds, Darktrace harnesses Self-Learning AI to continuously learn the ‘pattern of life’ for everything in the cyber-physical system, identifying deviations indicative of an emerging attack.
Defense at every layer
Darktrace for OT defends all the way down to Level 1 devices in the Purdue model, and indirectly into Level 0.
It also covers all higher Purdue levels, from supervisory functions, business logistics and enterprise networks beyond into cloud and SaaS. The AI technology also provides visibility into and around the DMZ.