Casi d'uso di Darktrace/OT

Scoprire l'intera gamma di minacce ICS

 Darktrace/OT rivela l'intera gamma di attività minacciose nel vostro ambiente ICS, poiché conoscendo il vostro business ricerca comportamenti insoliti, piuttosto che cercare minacce note

Minacce persistenti avanzate (MPA)

APTs are sophisticated and stealthy threat actors who may blend various IT techniques - including zero day exploits and malware applications - in order to evade detection and reach industrial systems with OT payloads. By exfiltrating OT project files and programs, and reinstalling them with modifications made by their own OT engineers, these high-resource techniques can sabotage physical processes and create highly unsafe process conditions.

Darktrace reveals and responds to subtle APT techniques, taking action to maintain safety and production processes.

Analisi dei campioni di Darktrace/OT
Ogni attacco informatico è diverso, ma ecco alcune attività insolite che Darktrace/OT potrebbe trovare quando scopre un attacco APT:
Attività di segnalazione verso l'esterno
Anomalous IT to ICS Connection
Attività insolita dal dispositivo OT
Raro esterno da dispositivo OT
Connessioni RDP insolite

Ransomware industriale

Ransomware is typically fast-moving and indiscriminate, impacting OT systems both directly and indirectly. Production can be jeopardized by the reliance of OT systems on vulnerable IT services, which control crucial processes such as customer ordering, and if ransomware deliberately targets an OT network and encrypts project files and backups, the clean-up process can be costly and time-consuming.

Darktrace RESPOND takes targeted action to contain ransomware as soon as it emerges in the IT layer, when it is still far from production systems. 

Analisi dei campioni di Darktrace/OT
Ogni attacco informatico è diverso, ma ecco come potrebbe apparire un attacco ransomware industriale in Darktrace/OT:
Attività insolita dal dispositivo OT
Trasferimento dati insolito da parte di OT
Unusual Data Download / Upload
Attività SMB sospette
File ad alto rischio e SMB insolito

OT Cloud

The adoption of OT Cloud/ICSaaS expands an attack surface by increasing connectivity and complexity.  

Darktrace provides unified visibility across IT, OT, and the cloud, helping organisations accelerate digital transformation while mitigating the risks that it entails.

Even better with: Darktrace/Cloud and Darktrace/Apps

Analisi dei campioni di Darktrace/OT
Ecco alcuni comportamenti insoliti che un attacco informatico che abbraccia cloud e OT potrebbe innescare in Darktrace:
Unusual External Source for SaaS Credential Use
IaaS Security Rule Delete
Lateral Movement and C2 Activity
Anomaly then New ICS Commands
Multiple New Reprograms
Nessun articolo trovato.

Inventario dei beni

Darktrace/OT provides complete visibility and a comprehensive list of assets with many networking and device details passively collected from network traffic (or optionally using smart active identification).

Un numero illimitato di attacchi

Un numero illimitato di risposte

Our ai. Your data.

Elevate your cyber defenses with Darktrace AI

Iniziare la prova gratuita
Darktrace AI protecting a business from cyber threats.