ICsec Header
  • Product Presentation
  • Technik II
  • Industry 4.0 / IoT / Edge Computing
  • Network Security / Patch Management
  • Trend topic

Detecting anomalies and cyber threats in industrial networks using SCADVANCE XP.

OT Challenges. SCADVANCE XP ensures real-time anomaly detection in industrial automation networks.

10/7/2020 2:15:00 PM – 10/7/2020 2:30:00 PM


This action is available to the it-sa 365 community as a video.


Language: English

Questions and Answers: Yes


Action description

SCADVANCE XP is a cyber security system that uses the latest technological solutions to detect anomalies and cyber threats in industrial automation networks before they cause irreversible damage. The Scadvance system is passive, automatic and fully compatible with the most popular OT/IT protocols.

• Dedicated to OT (supports 94% of industry protocols).
• Hardware and software - a scalable system consisting of hardware probes and monitoring software. This comprehensive solution makes it possible to track cyber incidents and anomalies appearing in any industrial network.
• Real-time monitoring - thanks to the use of proprietary algorithms, monitoring and detection of cyber threats in the industrial network take place in real time.
• Machine learning and artificial intelligence - SCADVANCE XP is a self-learning solution that adapts to the specific traffic parameters of any OT architecture. Machine learning allows you to introduce new rules for detecting complex cyber threats.
• Big data - the SCADVANCE XP analysis module can process large amounts of data. Archiving the entire industrial network traffic enables the inspection of incidents that occurred in the past. It is also a good forensic investigation tool in the case of attack attempts.
• Detects a broad spectrum of cyberattacks, including "zero-day" threats - thanks to deep packet analysis, the system supervises transmission and data exchange in OT networks on all transmission media in use. It enables the detection of hitherto unknown attacks and incidents.
• SCADVANCE XP provides a real-time view of network topology, connections and traffic flow on both Ethernet and serial networks.
• Easy to deploy and operate.
• Passive (no impact on OT systems, even if a Scadvance probe is damaged).

The SCADVANCE XP system is ideal for any company with an industrial automation infrastructure that recognizes the need to protect it. In particular, the system has been designed for customers in the energy, gas, water, transport, railway and all kinds of industry segments. The scalable, flexible system can be adapted to the requirements of the company in terms of its size, infrastructure layout and supported protocols, as well as possible application areas. It is completely passive and does not affect the monitored environment. Additionally, it can be a source of information for SIEM systems. Thanks to built-in state-of-the-art solutions, including artificial intelligence and machine learning algorithms, the system is a comprehensive solution in the OT area. Its intuitive and user-friendly interface does not involve people responsible for IT/OT environments.
Practice shows that the most common attack vector is an attack from inside the network (e.g. through infected laptops or USB drives). Therefore, the network must also be protected from the inside. This can be done by monitoring the traffic in the OT network. Traffic in the OT network is quite predictable, so it is possible to assess the rules and the correctness of behavior. In addition, OT network conditions have several specificities: real-time operation, with no tolerance for delays or system restarts. Additionally, IT network monitoring tools do not support the specific OT devices.
Companies with critical infrastructure strive to multiply the security layers.



  • Marek Smolik, CTO
