Vectra AI
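Technology
- Analytics & Modeling - Machine Learning
Applicable Functions
- Discrete Manufacturing
Use Cases
- Cybersecurity
- Intrusion Detection Systems
Services
- Data Science Services
Challenge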
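The company initially deployed Vectra AI to protect several legacy systems that do not support encryption at rest. This was necessary to meet compliance requirements. The company then expanded its use of Vectra AI to monitor other devices and servers within its network. The company was looking for a solution that could detect anomalous behavior and reduce the time spent reviewing logs. It also wanted a solution that could triage threats and correlate them with compromised host devices. The company handles roughly 300 events per day, of which about 10 to 15 require investigation.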
About the Customer
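The customer is a company that deployed Vectra AI to monitor and protect its network. The company has a small team of security analysts who handle Vectra alerts. It also has several information security officers with read-only roles who can view alerts and logs if they need more information. The company initially deployed Vectra AI to protect several legacy systems that do not support encryption at rest. This was necessary to meet compliance requirements. The company then expanded its use of Vectra AI to monitor other devices and servers within its network.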
Solution
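The company implemented Vectra AI, an AI-based solution that monitors the network for anomalous behavior. Vectra AI alerts the team to any device that is behaving abnormally, which reduces the time spent reviewing logs. The solution also triages threats and correlates them with compromised host devices. The company also purchased Recall, an add-on product for Vectra AI that provides more information for investigations. Recall provides metadata on network traffic, allowing the team to investigate further when network traffic is detected. The solution captures network metadata at scale and enriches it with security information.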
Operational Impact
Quantitative Benefit
Related Case Studies
Case Study
Protecting a Stadium from Hazardous Materials Using IoT2cell's Mobility Platform
There was a need for higher security at the AT&T Stadium during the NFL draft. There was a need to ensure that nuclear radiation material was not smuggled inside the stadium. Hazmat materials could often be missed in a standard checkpoint when gaining entry into a stadium.
Case Study
Enel Secures Italian Power Generation Network
Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:
- Serves 31 million customers
- Has a net installed energy capacity exceeding 31 gigawatts
- Includes more than 500 power generation plants, including hydroelectric, thermoelectric, and wind
- Is managed and monitored by Enel 24/7/365
- Is operated by Terna, the Italian Transmission System Operator (TSO)

Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.
Case Study
Securing the Connected Car Ecosystem
In-vehicle communications and entertainment system hosts high-value or sensitive applications. API libraries facilitate communication and sharing of vehicle data. These API libraries are vulnerable to reverse engineering and tampering attacks and may even result in loss of passenger safety. Attackers can inject malware that may be able to migrate to other in-car networks such as the controller-area-network (CAN) bus which links to the vehicle’s critical systems. Software provided for dealers to interface with cars through the OBD2 port is vulnerable to reverse engineering and tampering attacks. Hackers may be able to abuse these tools to inject malicious code into the ECUs and CAN bus. Attackers can lift the cryptographic keys used, and use that to build their own rogue apps/software. Their cloned version of the original app/software may have altered functionality, and may intend to gain access to other in-car networks.
Case Study
Secure and Cloud-based Data Marketplace
The great promise of new connected concepts of industry like 'Industry 4.0' is their ability to deliver a historically unparalleled level of responsiveness and flexibility. While modern supply chains are already heavily integrated and designed to be fluid and fast moving, a large swathe of manufacturing still remains beholden to economies of scale, large production runs, and careful preplanning. The Industrial Internet of Things (IIoT) is set to change this by allowing small-batch or even custom manufacturing on a truly industrial scale. With machines whose functions are not set in stone, but flexible and determined by their operating software and with a new form of connectivity bringing industrial engineers, product manufacturers, and end users closer together than ever before. Ad-hoc adjustments to automotive parts, for example, during active product runs or the bespoke manufacturing of custom sneakers become very viable options indeed. Much of this remains a theoretical vision, but IUNO, the German national reference project for IT security in Industry 4.0 demonstrates the new capabilities in action with a secure technology data marketplace running a smart drinks mixer.
Case Study
Expedia Hosted by 2lemetry Through AWS
Expedia is committed to continuous innovation, technology, and platform improvements to create a great experience for its customers. The Expedia Worldwide Engineering (EWE) organization supports all websites under the Expedia brand. Expedia began using Amazon Web Services (AWS) in 2010 to launch Expedia Suggest Service (ESS), a typeahead suggestion service that helps customers enter travel, search, and location information correctly. According to the company’s metrics, an error page is the main reason for site abandonment. Expedia wanted global users to find what they were looking for quickly and without errors. At the time, Expedia operated all its services from data centers in Chandler, AZ. The engineering team realized that they had to run ESS in locations physically close to customers to enable a quick and responsive service with minimal network latency.
Case Study
OTA Software Updates for Smart Energy (gridX)
gridX has a requirement for over-the-air software updates for their gridBox devices and used the Yocto Project for their builds. The driver for the requirement was having the ability to quickly support new features, as well as deploying bug fixes and patching known security vulnerabilities. Manually delivering new software updates with a USB stick to all gridBox devices in the field would be prohibitively expensive and labor-intensive.