Positive Technologies was founded in 2002. Today the company is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Our experts have earned a reputation as the world's foremost authorities on ICS, ERP, Banking, and Telecom security. Our expertise in ICS network security forms the basis for PT ISIM.
PT ISIM freeView Sensor is a free edition of ISIM made by Positive Technologies. ISIM (Industrial Security Incident Management) is a specialized solution for continuous monitoring of ICS security and incident management.
Practical experience shows that few specialists responsible for ICS operation can get an overall picture of the state of the network. The PT ISIM freeView Sensor software appliance allows you to look inside an ICS network, analyze how equipment interacts, identify recurring issues, ensure continuous monitoring of ICS network security, and much more.
Many of our customers wrongly believe that ICS security is complex. We want to show that an ICS security product can be easy to install and user-friendly.
Quite a lot. Both editions:
The major difference is in the PT ISIM freeView Sensor licensing policy, technical support, and features. PT ISIM freeView Sensor is available free of charge on the Positive Technologies website.
PT ISIM freeView Sensor does not contain all of the incident detection rules from the PT ISIM netView and PT ISIM proView library and has fewer features compared with commercial editions.
For instance, the following features are provided by commercial editions only:
SIEM and ISIM serve different purposes. If you have one, it does not mean that you do not need the other.
SIEM is a centralized and unified system for collecting, analyzing, and correlating network events. The primary purpose of SIEM is to set up a single point where information about suspicious events and incidents is collected, including information received from individual systems such as PT ISIM. PT ISIM is a specialized tool for detecting cyberattacks in industrial networks and can be used as a source of data for SIEM.
An air gap may be specified in the design documentation, but there may always be deviations from it in practice: additional undocumented changes to the network, undocumented equipment with access to other subnetworks, temporary or auxiliary connections due to repair and other works, and so on. Constant changes are commonplace due to the continuous nature of the production process and the development of network infrastructure. Changes to the network may be occasional (for example, when an operator connects a USB modem). Such events must be detected and the network must be constantly monitored. An air gap does not provide protection against penetration from inside. PT ISIM allows you to build an up-to-date network topology based on real network traffic and ensure constant monitoring for anomalies.
Customer support service by UserEcho