Number of Case Studies182
Carmaker Holds the Keys to Network Security
Carmaker Holds the Keys to Network Security
FAW-Volkswagen Automotive Company (FAW-VW) required a high number of communication terminals due to its rapid development. FAW-VW also faced challenges in security management, IT Operation and Maintenance (O&M) costs, and employees work efficiency. FAW-VW needed terminal security protection with reliable access control and user rights management and comprehensive network protection.
SCADA Cyber Security Vulnerability Assessment
SCADA Cyber Security Vulnerability Assessment
A U.S. power company employed regularly-recurring audits of various controls, systems and programs. However, when it came to a SCADA-based cyber security vulnerability assessment, the in-house audit team did not possess the specific combination of process control experience and cyber security risks. They realized they required a third-party expert with a unique combination of knowledge of the two worlds.
Gain Operational Efficiencies (Singapore)
Gain Operational Efficiencies (Singapore)
Mandated to fully deregulate its electricity retail market by 2015, Singapore plans to meet smart city modernization goals while lowering costs.
Number of Hardware6
Unidirectional Security Gateway DIN Rail
Unidirectional Security Gateway DIN Rail
In the face of increased and complex cyberattacks, more and more industrial and critical infrastructure sites are turning to unidirectional gateway technology to prevent remote cyberattacks from entering their control systems. However, many physical environments require a smaller form factor than the rack-mounted Unidirectional Security Gateway. To meet this need, we developed the compact Unidirectional Security Gateway DIN Rail.The DIN Rail version of Waterfall’s market-leading Unidirectional Security Gateway enables customers throughout all sectors to deploy unidirectional gateway technologies in any of their network locations that require a compact form factor. Without compromise, the Unidirectional Gateway DIN Rail maintains the highest level of cyber security available for protecting industrial control systems (ICS) and critical infrastructure facilities from remote online attacks.Same benefits, smaller packageThe Waterfall DIN Rail offers the same high throughput, connectivity and functionality as our full-body, rack-mounted version. The availability of a smaller form factor enables electrical, oil and gas, manufacturing and other industries to easily deploy the gold standard of cyber protection for space-constrained sites. In addition, industrial enterprises connecting to cloud platforms or employing many small sites will benefit from using Waterfall’s Unidirectional CloudConnect® in this compact form factor. With no loss of performance or ease of use, industrial cybersecurity has never been so comfortable and secure.Robust hardware with a twistThe Waterfall DIN Rail is based on combined TX and RX Modules. The software runs from two computers, dedicated or shared, one on each side of the gateway. All of Waterfall’s multitude of software connectors, in addition to its advanced features and functionalities, are supported.Highlighted features:- Same ultimate level of cybersecurity as our market-leading- Unidirectional Security Gateway- Compact, vertical DIN Rail mounted- Same throughput and software connectivity as the Unidirectional- Security Gateway- Designed for specific environmental requirements (e.g. substations)
Unidirectional Security Gateway
Unidirectional Security Gateway
Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks originating on external networks. Unidirectional Gateway solutions come in pairs: the TX appliance contains a laser, and the RX appliance contains an optical receiver. The Gateway pair can transmit information out of an operations network, but is incapable of propagating any virus, DOS attack, human error or any information at all back into the protected network.Waterfall agent software gathers data in real time from operations servers inside the protected network. The software transmits that data to the external network, and populates replica servers with the data.Waterfall provides out of the box replication capabilities for dozens of industrial applications, including process historians, process databases, control system servers, OPC servers, and low-level devices.Replication solutions are also available for file servers, mail servers, print servers, SIEM servers and other components essential to the integration of modern operations networks with business networks.The server-replication process is transparent to external users, and has no effect on the original operations servers. External users access and use the replica servers in the same way they accessed and used the original operations servers, without changing working procedures.Waterfall’s customers report substantial savings over conventional firewalls. Gateways reduce firewall configuration, auditing, training, and real-time monitoring / logging costs. In addition, customers in regulated industries report dramatic reductions in regulatory documentation costs associated with firewalls and the use of routable protocols.
FLIP
FLIP
Waterfall FLIP® securely integrates Information Technology (IT) and Operations Technology (OT) control system networks. Modern enterprises transmit control system information to business networks continuously, and need to send information from business networks into operations networks occasionally – for example when sending control recipes into batch manufacturing systems or when sending anti-virus signatures and other security updates.Waterfall FLIP is stronger than firewalls, providing industry-leading assurances for the safety, reliability and security of critical OT networks.Waterfall FLIP is a hardware-enforced Unidirectional Security Gateway whose orientation is reversible. The Waterfall FLIP is “pointed” so that it replicates OT servers to IT networks routinely. By schedule, or by exception, an independent control mechanism inside the protected OT network triggers the FLIP® hardware to change orientation, allowing information to flow back into the protected OT network as needed.Waterfall FLIP harnesses security features of Waterfall Unidirectional Security Gateways to address specific IT/OT integration needs. Data streams out of, and occasionally into the OT network are completely independent and are physically unable to coexist. As a result, the Waterfall FLIP is stronger than firewalls, and meets the most demanding IT/OT integration needs.
Number of Software247
CycurHSM
CycurHSM
For security at ECU level, pure security solutions in software cannot sufficiently protect the integrity of a secure System. Hardware Security Modules are a necessary prerequisite to harden embedded systems against attacks and to provide protection of the integrity of the software.CycurHSM is a complete software stack adapted to the available BOSCH HSM implementations by different silicon manufacturers. CycurHSM provides the technology for fulfilling requirements regarding a flexible HSM firmware that provides open and standardized interfaces to HSM-enhanced security applications.
SparkCognition DeepArmor
SparkCognition DeepArmor
DeepArmor is the world’s first fully cognitive anti-malware system.DeepArmor leverages machine learning, natural language processing, and AI algorithms to analyze files and provide signature-free security.
RSA Security Analytics
RSA Security Analytics
Protect your organization’s valuable digital assets with RSA Security Analytics. RSA Security Analytics lets security operations teams collect and analyze logs, network packets, NetFlow, and endpoint data. These capabilities enable SOC analysts to discover attacks that traditional log-centric security information and event management (SIEM) tools miss.At the time of collection, RSA Security Analytics uses Capture Time Data Enrichment to inspect every piece of data collected for threat indicators. Analysts have the ability to investigate rapidly down to the most granular detail. Your team can understand exactly what is happening and what to do about it.
Number of Suppliers346
Applied Risk
Applied Risk
Applied Risk is focussed on critical infrastructure security and combating security breaches that pose a significant threat.
Tiandihexing
Tiandihexing
Tiandihexing was founded in 2007 and headquartered in Beijing. It is a research, development and integrated services company providing information security technology for industrial enterprises. The security needs of the power, petrochemical, oil and gas, steel and other infrastructure industrial control system contains vulnerabilities that expose problems to users. Through industrial control systems security vulnerability analysis, evaluation and consulting with Tiandihexing's HX-EICS power industrial information security management platform, HX-SFW industrial firewall, HX-HPS host reinforcement, HX-MAP security audits and other products, provide users with overall solutions for industrial control system network information security solutions, and to provide users with high-quality, professional service.
Uptake
Uptake
Uptake is a SaaS-based product company, combining data science, machine learning and security with deep industry knowledge to drive outcomes in productivity, safety, security and reliability that deliver value to businesses.
Number of Organizations22
OWASP
OWASP
Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative and open way.Every vibrant technology marketplace needs an unbiased source of information on best practices as well as an active body advocating open standards. The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. Core Values- OPEN Everything at OWASP is radically transparent from our finances to our code.- INNOVATION OWASP encourages and supports innovation and experiments for solutions to software security challenges.- GLOBAL Anyone around the world is encouraged to participate in the OWASP community.- INTEGRITY OWASP is an honest and truthful, vendor neutral, global community.
Shanghai Pudong Software Park Incubator (SPSP Incubator)
Shanghai Pudong Software Park Incubator (SPSP Incubator)
OASIS Consortium (OASIS)
OASIS Consortium (OASIS)
OASIS is a nonprofit consortium that drives the development, convergence and adoption of open standards for the global information society.OASIS promotes industry consensus and produces worldwide standards for security, Internet of Things, cloud computing, energy, content technologies, emergency management, and other areas. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology.OASIS members broadly represent the marketplace of public and private sector technology leaders, users and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in more than 65 countries.OASIS is distinguished by its transparent governance and operating procedures. Members themselves set the OASIS technical agenda, using a lightweight process expressly designed to promote industry consensus and unite disparate efforts. Completed work is ratified by open ballot. Governance is accountable and unrestricted. OASIS was founded under the name "SGML Open" in 1993. It began as a consortium of vendors and users devoted to developing guidelines for interoperability among products that support the Standard Generalized Markup Language (SGML). The consortium changed its name to "OASIS" (Organization for the Advancement of Structured Information Standards) in 1998 to reflect an expanded scope of technical work.
Number of Use Cases24
Security Claims Evaluation
Security Claims Evaluation
Security Claims Evaluation is an open and easily configurable cybersecurity platform for the evaluation of endpoint, gateway, and other networked components’ security capabilities.In an industrial environment setting, monitoring of sensors provides a window into the system and operational efficiencies. Specifically, monitoring key parameters such as temperature, vibration, currents, and voltage provide the operator with insights into whether operations are normal, within normal failure mode, or whether there is an indication of a cybersecurity/security breach.Security Claims Evaluation provides a platform for users to evaluate whether data from the sensors under test is indicative of normal operation or abnormal operation in a non-invasive and non-intrusive manner. Furthermore, using machine learning in combination with real-time analytics capabilities, the sensor operation can be monitored and analyzed 24/7. Logging of abnormal events can be performed for further assessment and future remediation actions. Through running a pre-defined security test suite that encompasses pen testing, known vulnerabilities, and other testing methodologies, testbed users’ security claims can be evaluated at a single or multiple connection points – encompassing an endpoint to a gateway to cloud assessment. A report based on the test results can be provided to users describing potential security weaknesses and proposed recommendations and remediation methods. 
Cybersecurity
Cybersecurity
Cybersecurity refers to the protection practice for the hardware, software, and data from being destroyed, altered or leaked by accidental or malicious reasons to ensure the system runs continuously and the network service is not interrupted. An effective cybersecurity methodology has multiple levels of protection spread across the computers, networks, programs, and data that one intends to remain secure.  For an effective defense from cyber-attacks, the people, processes, and technology in any organization should complement one another.The cybersecurity can be divided into physical security and logical security. Physical safety refers to the physical protection of system equipment and related facilities from damage and loss. Logical security includes integrity, confidentiality, and availability of information.
Warehouse Automation
Warehouse Automation
Warehouse automation is the application of specialized equipment and storage and retrieval systems to automation the performance of repetitive processes previously handled by unskilled and semi-skilled labor. A wide range of applications are possible in a warehouse, ranging from the use of robotics to unload products or crates to the automation of storage and retrieval of products on demand. Warehouse operations efficiency is central to the success of any company that processes, inventories, and ships orders. And warehouse automation is necessary to create an agile supply chain. The recent growth of the market is due to the exponential growth of the e-commerce industry, advancements in robotics, and the emergence of IoT. 
Number of Terms78
IoT Security
IoT Security
IoT security is the area of endeavor concerned with safeguarding connected devices and networks in the Internet of things.
Threat Modeling
Threat Modeling
Structured analysis to identify, quantify, and address the information security risks associated with an application or a system.
Datagram Transport Layer Security (DTLS)
Datagram Transport Layer Security (DTLS)
In information technology, the Datagram Transport Layer Security communications protocol provides communications security for datagram protocols.
182 Case Studies
6 Hardware
247 Software
346 Suppliers
47 Events
22 Organizations
24 Use Cases
78 Terms
45 Guides
test test