KASPERSKY LAB in Industrial Control Systems Security Solutions

Are you from this Company?
KASPERSKY LAB
Moscow, Russia
1997
$500MN to $1BN
Enterprise
74 Likes
62 Buyers Negotiating

Summary

The company offers the following products in the ICS security market:

  • Anomaly Detection
  • Integrity Control
  • Antimalware
  • Firewall and IPS
  • Application Control
  • Centralized Management
  • Forensic Tools

The company offers the following services in the ICS security market:

Education and Intelligence

  • Cybersecurity Training
  • Awareness Programs
  • Intelligence Reporting

Expert Services

  • Cybersecurity Assessment
  • Solution Integration
  • Incident Response

Kaspersky Industrial CyberSecurity for Nodes

KICS for Nodes explicitly addresses dangers at administrator level in ICS conditions. It verifies ICS/SCADA servers, HMIs, and designing workstations from the different kinds of cyber threats that can result from human elements, conventional malware, and directed assaults or damage.

Uprightness control innovations highlighted in KICS for Nodes include:

  • Control of utilization establishment and start-up as indicated by whitelisting (best practice for mechanical control organizes) or boycotting arrangements
  • Control of utilization access to working framework assets: records, envelopes, and framework library
  • Control of a wide range of executable running in Windows conditions, including .exe, .dll, .ocx, drivers, ActiveX, contents, direction line translators, and part mode drivers
  • Updating utilization notoriety information
  • Pre-characterized and client characterized application classifications to oversee controlled application records
  • Fine-tuning of utilization controls for various clients
  • Prevention or location just modes: obstructing any application that isn't whitelisted or, in 'watching' mode, permitting applications which aren't whitelisted to run

Device Control

Based on family, device category, and specific device ID, management of access to removable devices, peripherals, and system busses.

  • Support for both whitelisting and blacklisting approaches
  • Granular, per-computer, and per-user policy assignment to a single user or a group of users.
  • Prevention or detection-only mode

Host-based Firewall

Some of the key functionalities:

  • Restricted ports and networks can be accessed.
  • Discovery and blocking of network attacks launched from internal sources which may introduce malware that can scan and infect the host.

Wi-Fi Network Control

Connectivity to any unauthorized Wi-Fi networks can be monitored. Based on Default Deny technology, the Wi-Fi Control task is blocks connections to any Wi-Fi network in the task settings.

PLC Respectability Check

This empowers extra command over PLC arrangements by periodical checks against a chose, Kaspersky Lab-verified server. The subsequent checksums are looked at against spared 'Etalon' values, and any deviations are accounted for.

Document Integrity Monitor

This element is intended to follow activities performed inside determined records and organizers in the checking extensions indicated in the assignment settings. It can be utilized to recognize document changes that may show a security rupture on the ensured server – like changes to SCADA ventures put away on a SCADA server.

Advanced Anti-malware Protection

Kaspersky Lab’s proactive malware detection and prevention technologies are improved and re-designed to meet heavy resource consumption and system availability requirements. Advanced anti-malware protection is designed to work effectively in a static environment. Some of the technologies offered by the Kaspersky Lab:

  • Signature-based malware detection
  • On-access and on-demand detection
  • In-memory (resident) detection
  • Ransomware detection via special Anti-Cryptor technology
  • Kaspersky Security Network (KSN) and Kaspersky Private Security Network (KPSN), enabling the ultimate malware detection service

Trusted Updates

There is no impact of Kaspersky Lab security updates on the availability of the protected system when compatibility checks are performed before both database/component releases and process control system software/configuration updates. Potential resource consumption issues can be addressed through a number of ways:

  • Compatibility tests can be performed with industrial automation vendor software on the Kaspersky Lab test bed.
  • IAV performs compatibility checks.
  • Kaspersky Lab checks security database updates: SCADA server, workstation, and HMI images are integrated into Kaspersky Lab’s test bed.
  • Kaspersky Security Center automate and test the Kaspersky Lab security updates.

Kaspersky Industrial CyberSecurity for Networks

Kaspersky Lab's framework level security course of action works at the advanced correspondence tradition (Modbus, IEC stack, and ISO) layer, examining mechanical traffic for inconsistencies by methods for forefront DPI (Deep Packet survey) development.

KICS for Networks passes on inert framework traffic checking of variations from the norm and framework security while remaining imperceptible to potential aggressors. KICS for Networks has a specific designing – sensors can be sent autonomously from a central control unit.

KICS for Networks offers a trusted platform that can monitor process control command flow and telemetry data, and enabling, among other things to industrial users:

  • Detection of any command which would reconfigure a PLC or change the PLC state
  • Control parameter changes in technology processes
  • Mitigation from of ‘advanced’ insider interference from engineers, SCADA operators, or other internal staff with direct access to systems as well as protection from outside threats

Kaspersky Industrial CyberSecurity

Security across enterprises should operate at both node and network levels to ensure the highest levels of protection from attacks. KICS  is controlled through a single management console, Kaspersky Security Center, enabling:

  • Centralized management of security policies - different protection settings can be set for different nodes and groups.
  • Facilitate testing of updates before roll-out onto the network, thereby integrating the full process.
  • Role-based access aligned with security policies and urgent actions. Ease of control and visibility at multiple sites are enabled by the Kaspersky Security Center.

Discussions

Strengths
  • +8
    Security Assessment
  • +7
    ICS equipment and frameworks
  • +6
    Network Components and its security
  • +5
    Improving Security Processes
  • +11
    Support & Maintenance
  • +9
    Cloud
  • +12
    Hybrid
  • +10
    On-premise
  • +14
    Implementation
  • +14
    Log review tools
  • +13
    Reverse engineering tools
  • +12
    System artifact review tools
  • +9
    Programmable Logic Controllers (PLCs)
  • +10
    System Integrators
  • +12
    IAEA - Computer Security at Nuclear Facilities
  • +5
    ISO 27002 (Enterprise Cyber Security)
  • +13
    WIB M-2784 (Process Control Domain – Security Requirements for Vendors)
  • +5
    ISO/TR 22100-4
  • +6
    Critical Infrastructure Protection Standards (NERC-CIPs)
  • +8
    DoE - 21 steps for SCADA security
Cautions
  • -13
    Lack of Enterprise Risk Management (ERM) in ICS
  • -9
    Education & Training
  • -5
    Incident Response
  • -13
    Cyber attack simulation
  • -12
    Regulatory compliance
  • -10
    IOC detection tools
  • -8
    Multi-purpose tools
  • -11
    Outlier analysis tools
  • -6
    Distributed Control System (DCS)
  • -6
    Engineering workstations
  • -7
    HMI panels
  • -5
    Intelligent Electronic Devices (IEDs)
  • -10
    Remote Terminal Unit (RTU)
  • -14
    NRC -10 CFR - 73.54
  • -13
    NRC - Regulatory Guide 5.71
  • -12
    ISA-99 (Industrial Automation & Control Systems Security)
  • -14
    NIST 800-82 (Guide to Industrial Control Systems)
  • -6
    DFARS
  • -7
    NIST 171
  • -8
    NIST CSF

KASPERSKY LAB Reviews

user-icon

Analyst

5
Apr 11, 2019

“Security Assessment”

The company’s internal penetration testing and cautious evaluation of the ICS condition points of interest, including analysis of industrial systems and protocols followed by pre-approved tests demonstrated on the real system. A security assessment is done during which experts analyses the software and hardware solutions used to control the industrial process, and the systems connected to it.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Energy and Utilities, SME

5
Apr 11, 2019

“Incident response and investigation consultancy services”

Kaspersky Lab’s Industrial Systems Emergency Response Team is a project that offers wide range of information services, starting from intelligence on the latest threats and security incidents with mitigation strategies and incident response and investigation consultancy and services. In addition to the latest intelligence about threats and vulnerabilities, Kaspersky Lab’s Industrial CERT shares expertise on compliance.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Manufacturing, SME

3
Apr 11, 2019

“Network Components and its security”

The company prevents unauthorized access to critical network components. There are various vulnerabilities leading to obtaining unauthorized access to critical network components may be identified, including: Insufficient physical protection of ICS equipment, vulnerable network architecture, insufficient network protection (including flaws in separation of the ICS network from other networks).There are vulnerabilities leading to network traffic interception and redirection (including ones in industrial communication protocols) Vulnerabilities in ICS components, such as SCADA, PLCs, smart meters, etc.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Energy and Utilities, SME

1
Apr 11, 2019

“ICS equipment and frameworks”

An increase in malware and assaults on Industrial Control Systems (ICS), the developing number of new vulnerabilities in ICS equipment and an expanded need for these frameworks to be incorporated with different situations (like ERP, for instance) have required a progressively exhaustive way to deal with ICS security. ICS Security Assessment administration recognizes security blemishes in ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Power, SME

2
Apr 11, 2019

“Improving Security Processes”

ICS Security Assessment by Kaspersky Lab helps organizations to understand the weakest spots of ICS and focus on improving the corresponding security processes. It also avoids human, environmental, financial, operational and reputational loss that potentially could be caused by malefactors, by proactively detecting and fixing the vulnerabilities which could be used for attacks. It also analyses systems compliance to ICS security standards specific to region and industry, for instance NERC CIP standards
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Transportation and Logistics, SME

5
Apr 07, 2019

“Network Components and its security”

The company prevents unauthorized access to critical network components. There are various vulnerabilities leading to obtaining unauthorized access to critical network components may be identified, including: Insufficient physical protection of ICS equipment, vulnerable network architecture, insufficient network protection (including flaws in separation of the ICS network from other networks).There are vulnerabilities leading to network traffic interception and redirection (including ones in industrial communication protocols) Vulnerabilities in ICS components, such as SCADA, PLCs, smart meters, etc.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Transportation and Logistics, SME

5
Apr 07, 2019

“ICS equipment and frameworks”

An increase in malware and assaults on Industrial Control Systems (ICS), the developing number of new vulnerabilities in ICS equipment and an expanded need for these frameworks to be incorporated with different situations (like ERP, for instance) have required a progressively exhaustive way to deal with ICS security. ICS Security Assessment administration recognizes security blemishes in ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others.
Read less Read more
Useful (0) Not useful (0)
user-icon

Analyst

5
Apr 07, 2019

“Security Assessment”

The company’s internal penetration testing and cautious evaluation of the ICS condition points of interest, including analysis of industrial systems and protocols followed by pre-approved tests demonstrated on the real system. A security assessment is done during which experts analyses the software and hardware solutions used to control the industrial process, and the systems connected to it.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Power, SME

2
Apr 07, 2019

“Incident response and investigation consultancy services”

Kaspersky Lab’s Industrial Systems Emergency Response Team is a project that offers wide range of information services, starting from intelligence on the latest threats and security incidents with mitigation strategies and incident response and investigation consultancy and services. In addition to the latest intelligence about threats and vulnerabilities, Kaspersky Lab’s Industrial CERT shares expertise on compliance.
Read less Read more
Useful (0) Not useful (0)
user-icon

Buyer, Power, SME

3
Apr 07, 2019

“Improving Security Processes”

ICS Security Assessment by Kaspersky Lab helps organizations to understand the weakest spots of ICS and focus on improving the corresponding security processes. It also avoids human, environmental, financial, operational and reputational loss that potentially could be caused by malefactors, by proactively detecting and fixing the vulnerabilities which could be used for attacks. It also analyses systems compliance to ICS security standards specific to region and industry, for instance NERC CIP standards.
Read less Read more
Useful (0) Not useful (0)
I agree to 360Quadrants Terms of use and privacy policy
Success
info
Error
Company Size :
  Enterprise
  SME
  Startup