Rapid7 has joined with industrial cybersecurity vendor SCADAfence to provide greater visibility to operational technology (OT) and security teams into traditional IT and IoT/OT devices co-located in manufacturing and critical infrastructure environments. The technology partnership will allow users to assess their infrastructure, including OT assets, and get advanced prioritization of risks based on both end point and network-based exposures.
Joint customers will get access to holistic risk management and threat detection through continuous network monitoring, Boston-based Rapid7 said.
As industrial control systems (ICS) and OT environments continue to become digitally connected, they are increasingly exposed and vulnerable to cybersecurity risks. Security teams tasked with protecting these environments lack both the required visibility into their OT and IoT devices and the tools to manage them, Rapid7 said. Users will be able to identify security risks faster, apart from enabling smart manufacturing and smart grids across production facilities and the supply chain.
Through the partnership, InsightVM, Rapid7’s vulnerability risk management solution, will allow organizations to find devices in hybrid environments, assess for vulnerabilities and weaknesses, prioritize the severity of each vulnerability, remediate or mitigate if necessary, and set policies for collaboration across key stakeholders. Risk prioritization is enhanced by leveraging SCADAfence’s visibility into OT networks and identification of cross site communications and connections between devices with potentially exploitable vulnerabilities.
The SCADAfence Platform provides automatic asset discovery and inventory management, threat detection and risk management that helps detect anomalies and security events that can compromise availability and affect safety and reliability of the OT network and its assets.
“Our partnership with SCADAfence will provide customers with a more holistic view of IT and OT devices connected to their network, allowing them to identify, manage and mitigate risks within their environments,” said Cindy Stanton, Rapid7’s senior vice president, vulnerability risk management, in a press statement.
Earlier this year, SCADAfence launched its Governance Portal that was developed as a ‘single one-stop’ offering for IT and OT users to enable real-time monitoring and compliance across organizations. It also ensures compliance with relevant regulations such as IEC62443, NERC CIP, NIS NCSC, the NIST framework and other frameworks, and monitors compliance enforcement by identifying gaps and bottlenecks in the network.