RAM2 - Cisco Integration
OTORIO RAM2 manages cyber risks and keeps your production lines safe and operational. The RAM2 - Cisco integration generates insights on how to prevents risks.
RAM2, OTORIO’s next generation Security Orchestration, Automation, and Response (SOAR) platform, maximizes the capabilities of Cisco’s Industrial Security Appliances.
The RAM2-Cisco Integration provides continuous cyber risk assessment of the OT network using Cisco Syslogs. The OTORIO security engine correlates events from Cisco with data and events from multiple security and industrial systems to generate insights about how to prevent risks.
RAM2 creates a digital twin of the OT network and uses it to simulate cyber attacks to evaluate and prioritize the risks to operational continuity. For each of the risks, RAM2 generates accurate mitigation recommendations for proper segmentation and risk reduction. It combines the network topology with information about asset vulnerabilities and the potential impact of an attack on each asset. The actual firewall rules from Cisco’s firewall are analyzed for an accurate analysis of the attack graph and provides suggestions for configuration changes.
Detection of Suspicious Activity
RAM2 monitors remote access and raises alerts about suspicious authentications (failures or activity during unexpected hours) to the factory by an employee or maintenance team. By correlating events from Cisco firewalls with data from additional sources, RAM² identifies malicious patterns and adds important industrial context that reflects potential impact on operational continuity.
OTORIO’s RAM2 Solution
OTORIO RAM2 is a centralized, simplified, and automated industrial digital and cyber risk management solution. It is an unparalleled, industrial SIEM & SOAR platform, drawing from industrial and security data sources to automate and coordinate converged IT-OT security tasks for rapid remediation and response. The RAM2 platform integrates seamlessly with a variety of production floor data sources (e.g., antivirus and firewall) and uses an industrial-intuitive UX/UI that can be operated by production operational personnel.