Skip to main content

SCADAfence CNM

Download With Dependencies

Fetching data from CNM

SCADAfence provides visibility and control for industrial and critical infrastructure networks. The SCADAfence Platform monitors the network, offering automatic asset discovery and inventory management, threat detection and risk management. The SCADAfence Platform is software based, non-intrusive, highly scalable and simple to deploy (automatic learning of the network behavior that doesn't require complex configuration).
Once a security incident is detected by the SCADAfence Platform, an alert is raised. On such an occurrence, the integration enables triggering a corrective measure in a managed and documented manner, and the ability to manage the entire incident life cycle from detection to enforcement in a secure and documented way.

What does this pack do?

The pack implements the integration with the SCADAfence Platform: it enablies importing the asset inventory, related network traffic and real time alerts of incidents and anomalies.
The playbook included demonstrates the capability to trigger a playbook upon detecting a potential infection in an OT related asset. The SCADAfence Platform provides rich information to enable risk analysis - full asset details, communications to other devices and alerts on suspicious behavior. This information is then used to calculate the probablity of infection and enable the SOC operator to take informed manual action to mitigate the threat (such as block listing the infected IP).

For more information, visit the SCADAfence website

SCADAfence provides visibility and control for industrial and critical infrastructure networks. The SCADAfence Platform monitors the network, offering automatic asset discovery and inventory management, threat detection and risk management. The SCADAfence Platform is software based, non-intrusive, highly scalable and simple to deploy (automatic learning of the network behavior that doesn't require complex configuration).
Once a security incident is detected by the SCADAfence Platform, an alert is raised. On such an occurrence, the integration enables triggering a corrective measure in a managed and documented manner, and the ability to manage the entire incident life cycle from detection to enforcement in a secure and documented way.

What does this pack do?

The pack implements the integration with the SCADAfence Platform: it enablies importing the asset inventory, related network traffic and real time alerts of incidents and anomalies.
The playbook included demonstrates the capability to trigger a playbook upon detecting a potential infection in an OT related asset. The SCADAfence Platform provides rich information to enable risk analysis - full asset details, communications to other devices and alerts on suspicious behavior. This information is then used to calculate the probablity of infection and enable the SOC operator to take informed manual action to mitigate the threat (such as block listing the infected IP).

For more information, visit the SCADAfence website

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedJuly 22, 2020
Last ReleaseDecember 4, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.