Product Takes Top Spot in both Asset Discovery and Threat Detection Phases
NEW YORK – February 13, 2018 – Claroty, an innovator in operational technology (OT) network protection, today announced that it was crowned winner of the inaugural S4 ICS Detection Challenge, which took place at the S4x18 Conference in Miami. Claroty’s Continuous Threat Detection product claimed top honors in both the Phase I – Identification and Phase II – Detection segments of the challenge.
During Phase I, contestants consumed network traffic captured from 15 different sites at an unidentified West Coast (U.S.) oil and gas company. The contestants were required to use their products to identify industrial control system (ICS) assets on the network and provide a view of how the assets were communicating. Contestants were rewarded for discovering assets, identifying specific details about them and were given bonus points for unique insights. Scoring was designed to test the products themselves, rather than the teams, with more points awarded for quick answers. Claroty won Phase I.
In Phase II, contestants processed a live stream of network data. The data included various known malware (e.g., Havex and Stuxnet), port scans (fast and slow), policy violations (e.g., plaintext passwords), logic changes and firmware, etc. This tested the products’ ability to detect attacks that can impact industrial processes and precursor activity, early in the “cyber kill chain” that can signpost an impending attack. Claroty’s Continuous Threat Detection product won Phase II, and took first place in the overall contest.
During the award ceremony, judges Eric Byres, John Cusimano and Ron Brash discussed the challenge with the Claroty Research team members Amir “Jumbo” Preminger, Tal Keren and Nadav Erez. The judges noted just how difficult it was for the contestants. Byres remarked that the contest was “much harder than the real world” because of the limited time sample, lack of context and the use of only one sensor. In a nod to the overall category, Byres also noted that he was “pleasantly surprised just how well all the products performed.”
“The S4 win is a testament to the hard work and dedication of our ICS Research and Software Engineering teams. They continue to innovate and advance our Continuous Threat Detection and the other products in the integrated Claroty Platform,” said Amir Zilberstein, Chief Executive Officer of Claroty. “We also want to thank the S4 and aeSolutions teams who worked so hard to create the ICS Detection Challenge. Their efforts are helping to raise the bar in industrial cybersecurity.”
S4, now in its 11th year, is a leading industrial cybersecurity conference led by Dale Peterson of Digital Bond. S4 has grown from a 2-day event in a single 45-seat case study room to 3 days on 3 stages with more than 300 of the top ICS and IoT security professionals in the world, including the people who are driving change and influencing asset owners, vendors and the community.
Launched as the second startup from Israel’s famed Team8 foundry, Claroty combines elite management and research teams and deep technical expertise from both IT and OT disciplines, with backing from premier investors such as Bessemer Venture Partners and Innovation Endeavors. With an unmatched understanding of ICS, SCADA and other essential OT/IIoT systems, the Claroty team is building an unparalleled suite of integrated products addressing the full spectrum of cybersecurity protection, detection and response requirements. For more information, visit www.claroty.com.