SCADA and Industrial Control systems are becoming common targets for advanced persistent threats.
These attacks, often with custom malware, can have very serious consequences, including loss of electrical power, or worse. These attacks are the first line of offense in state-to-state conflict.
SCADA networks use different protocols than traditional IT networks, provide different data (including physical conditions like temperature or pressure), and each communication between devices may take weeks to finish - rendering some flow monitoring solutions ineffective because they need the full network flow. Many existing security tools are unable to support these differences, limiting the number of useful security tools.
GREYCORTEX MENDEL helps protect SCADA and ICS (Industrial Control Systems) networks with the same advanced detection and full visibility offered to more traditional IT networks. It monitors SCADA-specific protocols like Modbus, DNP3, IEC 60870-5-101/104, and NTP, includes over 500 signatures of known SCADA threats, and offers the ability to detect threats in SCADA network traffic even without monitoring the entire communication flow. MENDEL goes further, by adding the ability to detect threats on any device connected to the SCADA network, so malicious actors or infected devices like maintenance equipment, appear when they connect, not after they've attacked.