It is widely acknowledged that Mission Critical Systems or Critical Infrastructure are the primary targets for cyber attacks. Such attacks aim to cause damages, fear, or are of plain criminal intent – used for extortion, ransom, etc. The more Critical Systems are being automated/computerized and are connected to the external world via networks, the more chance there is for a malicious agent to damage these systems. While such automation and connectivity allow the operators improved operational-visibility and improved service, the same conditions significantly elevate the danger of a catastrophic cascade due to a compromised device or due to a basic malfunction.
Cyber Security will have to become regulation, mandatory for the operation of such systems to protect us from their looming threats. Cyber Security solutions will improve the safety and usability of such automated systems, and be a major factor in wide adoption of smart/automated systems, which in turn improve the quality of life and the efficiency of resource usage. More and more companies are trying to come up with security solutions designed specifically for the Operational Technology networks and equipment. While the IT/Enterprise arena is filled with solutions, the area of OT security has been “neglected” for years.
Firmitas ValidiGate™ is a disruptive solution providing operational assurance and cyber-resilience for industrial and mission-critical systems security
Firmitas was founded with the intention of addressing exactly this. Firmitas focuses on Operational-Security rather than information or data security. Firmitas ValidiGate™ is a disruptive solution providing operational assurance and cyber-resilience for industrial and mission-critical systems security.
Instead of creating antidotes to specific threats, it works by enforcing a system’s predefined design. Thus, making unexpected behaviour and attacks infeasible, thereby ensuring system up-time. Firmitas’ ValidiGate™ is a disruptive attack-prevention solution providing operational assurance and security for industrial and mission-critical systems. Thus, enabling the protected systems to operate deterministically under any condition, from Smart-Meters to Nuclear Reactors. Firmitas’ technology enforces each system’s predefined operational envelop by ensuring only pre-approved states and functionality which are necessary for the specific operation, significantly reducing the attack-surface.
Firmitas solution is providing a fully-deterministic white-list-based Adaptable Operational Security which is an excellent fit for protecting operational systems, purpose-built systems, and critical-infrastructure. Using Firmitas ValidiGate™ solution, protection can be provided to any system using any communication protocol over any channel, while preserving trust, and confidentiality of the systems.
Companies with OT networks, are starting to understand that solutions which were developed for Information Security and Data Security are not suitable for protecting OT networks. Some are trying to adapt existing solutions for the special attributes of OT networks, while others are looking for dedicated OT Security solutions.
The experts at Firmitas believe that most purpose-built systems need protection by prevention, and they can deliver this in real-time. Another important point, as mentioned above, is providing protection for sensitive systems, be it commercially-sensitive, or national-security-sensitive. For such sensitive systems, no off-the-shelf solution can provide security. Firmitas ValidiGate™ is the only solution that preserves the customer’s trust and confidentiality since it provides the customer full control over the process of system definition. The solution provides a device-side security based on whitelist approach as applied to incoming and outgoing communication, by monitoring and enforcing the correct and expected behavior of the target system to be protected.
Firmitas is teaming up with leading critical-infrastructure equipment and integration market leaders, providing solutions for sensitive systems which no other security vendor can do, Firmitas stands apart from the crowd with these key factors:
- Device specific tailored solution
- Acts as the personal bodyguard of each endpoint device.
- Secures each device, based on its own unique deployment requirements.
- Design your own security
- Relying on internal resources familiar with own systems.
- Enable easy & visual definition of system’s own operational logic.
- Enforce operational policies
- Process-oriented security, for purpose-built systems.
- Protect any Computer-Based-Appliance.
- Discover and mitigate unknown-unknowns.
- Inline security
- Per-device communication model.
- Unmatched real-time protection.
- Ensuring security isn’t bypassed.
- Reduction of device’s attack surface
- Attack-surface reduction by enforcing principle of least privilege (PoLP).
- Ensuring pre-defined states and functionality.