Partner Solutions

RAM2 - Cisco Integration

OTORIO RAM2 manages cyber risks and keeps your production lines safe and operational. The RAM2 - Cisco integration generates insights on how to prevent risks.

RAM2, OTORIO’s next-generation Security Orchestration, Automation, and Response (SOAR) platform, maximizes the capabilities of Cisco’s Industrial Security Appliances.

The RAM2-Cisco Integration provides continuous cyber risk assessment of the OT network using Cisco Syslogs. The OTORIO security engine correlates events from Cisco with data and events from multiple security and industrial systems to generate insights about how to prevent risks.

Integration Benefits

  • Maximizes the capabilities of the Cisco firewall installed base
  • Improves visibility by providing asset inventory of the firewalls themselves and the assets behind them
  • Protects your network by monitoring activities and detecting suspicious behavior and correlating it with other events
  • Reduces risks with attack graph simulation that provides prioritized mitigation actions for proper segmentation and risk reduction

 

Use Cases:

Segmentation Assessment

RAM2 creates a digital twin of the OT network and uses it to simulate cyber attacks to evaluate and prioritize the risks to operational continuity. For each of the risks, RAM2 generates accurate mitigation recommendations for proper segmentation and risk reduction. It combines the network topology with information about asset vulnerabilities and the potential impact of an attack on each asset. RAM2 analyzes the actual rules from Cisco’s firewall to produce an accurate analysis of the attack graph and provides suggestions for configuration changes.

Detection of Suspicious Activity

RAM2 monitors remote access to the factory and raises alerts about suspicious authentications by an employee or maintenance team (failures or activity during unexpected hours). By correlating events from Cisco firewalls with data from additional sources, RAM2 identifies malicious patterns and adds important industrial context that reflects potential impact on operational continuity.

OTORIO’s RAM2 Solution

OTORIO RAM2 is a centralized, simplified, and automated industrial digital and cyber risk management solution. It is an unparalleled industrial SIEM & SOAR platform, drawing from industrial and security data sources to automate and coordinate converged IT-OT security tasks for rapid remediation and response. The RAM2 platform integrates seamlessly with a variety of production floor data sources (e.g., antivirus and firewall) and uses an industrial-intuitive UX/UI that can be operated by production operational personnel.