The company offers the following products in the ICS security market:
- Anomaly Detection
- Integrity Control
- Firewall and IPS
- Application Control
- Centralized Management
- Forensic Tools
The company offers the following services in the ICS security market:
Education and Intelligence
- Cybersecurity Training
- Awareness Programs
- Intelligence Reporting
- Cybersecurity Assessment
- Solution Integration
- Incident Response
Kaspersky Industrial CyberSecurity for Nodes
KICS for Nodes specifically addresses threats at administrator level in ICS environments. It protects ICS/SCADA servers, HMIs, and engineering workstations from the different kinds of cyber threats that can result from human factors, conventional malware, and targeted attacks or sabotage.
Integrity control technologies featured in KICS for Nodes include:
- Control of application installation and start-up according to whitelisting (best practice for industrial control networks) or blacklisting policies
- Control of application access to operating system resources: files, folders, and system registry
- Control of all types of executables running in Windows environments, including .exe, .dll, .ocx, drivers, ActiveX, scripts, command-line interpreters, and kernel-mode drivers
- Updating application reputation data
- Pre-defined and customer-defined application categories to manage controlled application lists
- Fine-tuning of application controls for different users
- Prevention or detection-only modes: blocking any application that isn't whitelisted or, in 'watching' mode, allowing applications which aren't whitelisted to run
Management of access to removable devices, peripherals, and system buses, based on family, device category, and specific device ID.
- Support for both whitelisting and blacklisting approaches
- Granular, per-computer, and per-user policy assignment to a single user or a group of users.
- Prevention or detection-only mode
Some of the key functionalities:
- Control of access over restricted ports and networks.
- Detection and blocking of network attacks launched from internal sources which may introduce malware that can scan and infect the host.
Wi-Fi Network Control
Connectivity to any unauthorized Wi-Fi networks can be monitored. Based on Default Deny technology, the Wi-Fi Control task blocks connections to any Wi-Fi network not allowed in the task settings.
PLC Integrity Check
This enables additional control over PLC configurations through periodic checks against a selected, Kaspersky Lab-verified server. The resulting checksums are compared against saved 'Etalon' values, and any deviations are reported.
File Integrity Monitor
This feature is designed to track actions performed within specified files and folders in the monitoring scopes specified in the task settings. It can be used to detect file changes that may indicate a security breach on the protected server, such as changes to SCADA projects stored on a SCADA server.
Advanced Anti-malware Protection
Kaspersky Lab’s proactive malware detection and prevention technologies are improved and re-designed to meet heavy resource consumption and system availability requirements. Advanced anti-malware protection is designed to work effectively in a static environment. Some of the technologies offered by Kaspersky Lab:
- Signature-based malware detection
- On-access and on-demand detection
- In-memory (resident) detection
- Ransomware detection via special Anti-Cryptor technology
- Kaspersky Security Network (KSN) and Kaspersky Private Security Network (KPSN), enabling the ultimate malware detection service
Kaspersky Lab security updates have no impact on the availability of the protected system when compatibility checks are performed before both database/component releases and process control system software/configuration updates. Potential resource consumption issues can be addressed in a number of ways:
- Compatibility tests can be performed with industrial automation vendor (IAV) software on the Kaspersky Lab test bed.
- The IAV performs compatibility checks.
- Kaspersky Lab checks security database updates: SCADA server, workstation, and HMI images are integrated into Kaspersky Lab’s test bed.
- Kaspersky Security Center automates and tests the Kaspersky Lab security updates.
Kaspersky Industrial CyberSecurity for Networks
Kaspersky Lab's network-level security solution operates at the industrial communication protocol (Modbus, IEC stack, and ISO) layer, analyzing industrial traffic for anomalies by means of advanced DPI (Deep Packet Inspection) technology.
KICS for Networks delivers passive network traffic monitoring of anomalies and network security while remaining invisible to potential attackers. KICS for Networks has a specific architecture: sensors can be deployed independently of a central control unit.
KICS for Networks offers industrial users a trusted platform that can monitor process control command flow and telemetry data, enabling, among other things:
- Detection of any command which would reconfigure a PLC or change the PLC state
- Control of parameter changes in technology processes
- Mitigation of ‘advanced’ insider interference from engineers, SCADA operators, or other internal staff with direct access to systems, as well as protection from outside threats
Kaspersky Industrial CyberSecurity
Security across enterprises should operate at both node and network levels to ensure the highest levels of protection from attacks. KICS is controlled through a single management console, Kaspersky Security Center, enabling:
- Centralized management of security policies - different protection settings can be set for different nodes and groups.
- Facilitated testing of updates before roll-out onto the network, thereby integrating the full process.
- Role-based access aligned with security policies and urgent actions. Ease of control and visibility at multiple sites are enabled by the Kaspersky Security Center.
USP: Kaspersky Industrial CyberSecurity is a solution developed for critical infrastructures and industrial equipment. This solution combines a variety of conventional security technologies. Device access control is also included in this solution, which helps customers monitor connections to portable data storage media and peripheral devices. Kaspersky Industrial CyberSecurity provides cybersecurity across all network levels.
Feature and Functionality
- Security Assessment (Product Maturity / Development Tools / Network traffic anoma...): During a security assessment, experts analyze the software and hardware solutions used to control the industrial process, and the systems connected to it. This includes the company’s internal penetration testing and careful evaluation of the specifics of the ICS environment, including analysis of industrial systems and protocols followed by pre-approved tests demonstrated on the real system.
- ICS equipment and frameworks (Product Maturity / Post Deployment / Support & Maintenance): The ICS Security Assessment service identifies security flaws in ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others.
- Network components and their security (Product Maturity / Common standards / General Data Protectio...): There are vulnerabilities leading to network traffic interception and redirection (including ones in industrial communication protocols), and vulnerabilities in ICS components such as SCADA, PLCs, and smart meters. The company prevents unauthorized access to critical network components. Various vulnerabilities leading to unauthorized access to critical network components may be identified, including insufficient physical protection of ICS equipment, vulnerable network architecture, and insufficient network protection (including flaws in separation of the ICS network from other networks).
- Improving Security Processes (Product Maturity / Channel of Delivery / System Integrators): ICS Security Assessment by Kaspersky Lab helps organizations to understand the weakest spots of ICS and focus on improving the corresponding security processes. It also avoids human, environmental, financial, operational and reputational loss that could potentially be caused by malefactors, by proactively detecting and fixing the vulnerabilities which could be used for attacks. It also analyzes system compliance with ICS security standards specific to region and industry, for instance NERC CIP standards.
- Device Control (Product Maturity / Antivirus/Malware / Device Control): Adding devices that can’t protect themselves to the network can create a problem later for the organization.
- Lack of Enterprise Risk Management (ERM) in ICS (Product Maturity / Development Tools / IOC detection tools): Deficiencies in enterprise risk management (ERM) in ICS make it hard to link ICS security to high-level corporate goals. Other management vulnerabilities include the lack of ICS security policies, management-level accountabilities, and guidance.