GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT and OT network operations secure and reliable.
MENDEL, from GREYCORTEX, gives professionals the security of knowing what’s hiding in their IT and SCADA networks, at any time. Using network traffic analysis, it helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other traditional network security tools miss.
MENDEL also identifies risks to SCADA networks, such as attacks against the network, careless technicians, misconfigurations, and poor segmentation.
Key features for SCADA/ICS networks include:
- Visibility into communications between SCADA devices
- Protocols including IEC 60870-5-104, IEC 61850 GOOSE, IEEE-1815-2012 DNP3, Modbus, ENIP/CIP SV, ISO 9506 MMS, and more, on layers L2-L7
- Signatures for 500 known threats
- Advanced network behavioral analysis on L7
- Supports substation traffic analysis
- Visualization down to the end-point level in SCADA networks
Key features for IT networks include:
- Advanced predictive analysis and anomaly detection capabilities to identify unknown threats such as APTs, RATs, P2P, malware, ransomware, and zero-day attacks before they harm your organization
- An integrated IDS engine with over 47,000 active rules for faster detection of known threats - unique among similar solutions
- Differentiation between human and machine communication via behavioral pattern recognition
- Detailed network performance management, including the ability to identify network dependencies, slow connections, new devices, excessive traffic, and duplicate MAC addresses
- Complete network visibility up to, and including, the application layer
- Much deeper network visibility than products that rely on NetFlow/IPFIX protocols alone
- Fully functional with connected IoT and BYOD devices
- Easy to use for security teams; saving the time of individual employees, rather than just man-hours
- Helps verify compliance with corporate security policies and government regulations like GDPR
- Widely customizable reports (including granular reporting, alarms, etc.)