technology

System setup


IT and/or cybersecurity people within organisations that deploy corporate or OT-specific cybersecurity systems may still feel vulnerable with regard to certain digital assets.

This could be due to the proliferation of isolated machine networks, legacy machines running End-of-Life operating systems that control expensive manufacturing machines, or physically distributed stations out in the field. P-X can help you monitor those types of assets and attain the level of grip you desire to help guarantee business continuity.

Deploying P-X is safe and easy


① Downtime can be extremely costly.

Downtime related to cybersecurity incidents can be costly, but downtime associated with the implementation of cybersecurity systems can also seriously disrupt business flows. P-X is a fully independent cyber sensor that does not interfere with delicate operational systems during deployment, service and removal.

② Adapting legacy infrastructure can be costly and disruptive.

Legacy infrastructures and equipment that still function fine are rarely replaced pre-emptively. They can become very vulnerable to cyberthreats due to a lack of security updates or other infrastructural limitations that inhibit central threat monitoring. P-X can be deployed without having to invest in infrastructural adaptations across the most isolated assets in your operation.

③ Large cybersecurity investments can provoke complicated strategic questions.

Organisations that are responsible for managing a fragile ecosystem of legacy operational technology can be wary of investing large sums of money in cybersecurity systems that may become redundant quickly. P-X’s cyber sensors are an accessible way of monitoring blind spots for cyberthreats across multiple (future) generations of operational equipment.

Deploy distributed sensors


A P-X deployment relies on a distributed approach in which multiple cyber sensors are deployed across selected endpoints or networks. These sensors, called P-X nodes, are powerful network monitoring platforms.

P-X fits in your hand

By default, P-X nodes are deployed as a cluster. All of the P-X nodes in the cluster are connected via a proprietary out-of-band medium (a military grade Radio Frequency protocol).

RF ensures P-X does not rely on a host network in any way. This greatly enhances usability and security. Additionally, P-X nodes in default mode do not require an IP address, which is a crucial safety and usability feature.

P-X’s passive, non-intrusive nature allows for seamless integration with legacy (cybersecurity) systems and provides users with an extra line of defence across their digital infrastructure to help monitor emerging cyber threats.

P-X nodes are extra secure


Threat actors are looking to own your digital assets by owning or circumventing your cybersecurity measures. P-X’s distributed nature, the use of RF and the lack of an IP address ensure that owning or circumventing the system is virtually impossible. This creates additional security and insurance with regard to your digital assets and/or your other cybersecurity measures.

Deployment variants


[Figure: P-X passive setup with breakout node]

[Figure: P-X passive setup with different break-out options]

[Figure: P-X span setup with breakout node]

[Figure: P-X span setup with different break-out options]

[Figure: P-X active setup with different break-out options]

Technology

Threat detection


A multi-component detection framework to detect threats and breaches runs on the P-X node. The P-X detection framework processes the traffic passing by the node and looks for hack attempts, unknown (zero-day) exploits and known attacks. The patented P-X detection framework is designed to discover generic malicious code that indicates emerging threats.

Currently, P-X nodes run two default detection components:

Component A - reconnaissance detection

Component A detects network traffic that is generated in the reconnaissance phase. This traffic usually includes a large number of connect attempts, scans for available services and other traffic to determine the network topology.

Component B - breach attempt detection

Component B detects weaponised payloads that are part of an exploit. These payloads are generic and often contain machine executable code that can be detected by P-X regardless of the type of breach.


P-X in the Killchain

Supported OT protocols

P-X nodes monitor the IT machines that control OT systems and as such are not specifically designed to monitor exotic OT protocols or OT-related functionality issues.