OT cybersecurity incident detection and response for energy automation systems
Our SIEM (Security Information & Event Management) service for operational technologies (OT) helps you detect early attempts to attack your energy automation and control center systems so that you can respond effectively before the systems' functions are affected by a cyber incident.
Benefits
Timely detection of suspicious activity through automatic evaluation of the security logs
Visibility into and traceability of intrusions and/or incidents targeting the OT systems
Swift and secure incident response and recovery
Reliable protection of the OT assets against cyber threats
Reduced downtime in the face of cyber threats
Enabling compliance with cyber-regulatory requirements
Our SIEM system performs the following tasks in a scalable manner:
The SIEM centrally collects security-relevant events and alerts from all system components across the different OT sites (e.g. electric substations) and stores them in their chronological order
The SIEM is backed by site-local persistence and protection of the event information in substation log servers
All collected logs are evaluated in the SIEM against rulesets that are curated for energy automation and SCADA systems in order to reduce noise in the logs, correlate them and detect abnormal behavior of or within the systems
If the SIEM detects an attack or an anomaly, an alarm message is issued and the operator is immediately notified