OT Monitoring, Intrusion & Threat Detection for Secure Industrial Processes
Rhebo Industrial Protector reliably protects operational technology against disruption by cyber attacks, malware, technical error states and manipulation.
Rhebo Industrial Protector uses innovative deep packet inspection technology to analyze and evaluate any communication within the network boundaries down to the content level. Network operators are informed about any suspicious communication in real-time and all details are made available for forensic analysis - even for novel threats such as zero-day vulnerabilities.
Asset Discovery & Inventory
Immediate and complete visibility from the network to single devices with all relevant properties.
Anomaly & Threat Detection
Real-time reporting and documentation of cyber attacks, espionage attempts and malware.
Continuous Risk Assessment
Threat intelligence about risks and measures through behavioral analysis and identification of hidden vulnerabilities.
Network Condition Monitoring
Increased system and plant availability through real-time detection of technical error states and misconfigurations.
Embedded Cyber Security & Stability
Support of common hardware and virtualization platforms to ensure easy integration in existing infrastructures.
Support of effective implementation of an ISMS and threat detection framework.
Early Detection of Professional Cyberattacks in OT
MITRE ATT&CK® ICS is a practical framework for identifying, assessing, and mitigating professional (e.g., state-sponsored) cyberattacks on industrial networks. The techniques displayed illustrate the actions of adversaries once they have gained access to the network.The first two phases or tactics occur outside the target network and thus outside the scope of the various security mechanisms (firewall, VPN, IDS, SIEM, OT monitoring) in the enterprise.
In contrast to "normal" malware incidents such as ransomware, etc., professional attacks do not occur suddenly, but proceed over the long term and in stealth modus. Attackers often move within the network for months before the actual disruption is caused. Since the processes take place within the network, firewalls, classic intrusion detection, etc. are blind to them.
Rhebo detects exactly these preparatory actions by monitoring all communication within the network and matching it with the expected (learned) behavior pattern.
Next Generation Intrusion Detection for Operational Technology
Rhebo Industrial Protector non-intrusively monitors, analyzes and visualizes all assets and the complete data traffic within your OT.
The next generation Intrusion Detection System combines OT monitoring, intrusion and threat detection in one application. Rhebo Industrial Protector reports any changes in communication behavior in real time, e.g.:
- new devices, network users and patterns;
- firmware updates and changes in PLC operating modes;
- circumvention of security mechanisms;
- reconnaissance and intrusion activities and lateral movements;
- known vulnerabilities of the devices;
- technical error conditions.
Rhebo Industrial Protector can be integrated into the ICS as a hardware or software sensor. For cost-efficient monitoring of communication in distributed power infrastructure, the integration can be done on existing security gateways from e.g. Barracuda, Bosch Rexroth, INSYS icom, RAD, or Welotec.
The specific protocol types and thieir variants used in industrial networks are fully supported.
YOUR ADVANTAGE: You always have full clarity about potentially harmful communication processes in the OT network.
Solution brief for Industry
Fight off cyber attacks and increase process stability in industrial environments.
Solution brief for Energy & Water
Fight off cyber attacks and ensure compliance in critical infrastructure companies.
Technical specifications for Rhebo Industrial Protector.