Working Together for a Secure Critical Infrastructure Protection Ecosystem
On this page, you will find all our cybersecurity partners listed. To explore our memberships and communities, just follow the link.
Fortinet’s Open Fabric Ecosystem provides you with integrated solutions for comprehensive end-to-end security. These solutions include physical firewalls, antivirus software, intrusion prevention systems, and endpoint security components.
We offer collaborative solutions to protect critical infrastructures and the grid from cyberattacks. They are equally useful and usable for both power engineers and IT security officers. Our partnership with Fortinet builds a bridge between IT and OT: Fortinet knows the current threat situation on the Internet, while OMICRON knows the threats to protection, control technology, and the electrical grid. Together, we empower you to achieve an unprecedented level of security through cross-industry expertise.
Integration of OMICRON StationGuard into FortiSIEM
StationGuard is tailor-made for the energy sector. It detects threats to the infrastructure and provides an overview of all devices in the network and their status for guaranteed asset visibility.
By combining our solution with Fortinet’s SIEM FortiSIEM, all alarms from StationGuard - including its OT intelligence - are transmitted to FortiSIEM and collected in one place. Over 130 event types with their corresponding event type groups and an easy-to-understand dashboard help Security Operations Center (SOC) analysts to secure your IT and OT.
Benefits of the joint FortiSIEM and OMICRON StationGuard solution:
- You can integrate StationGuard in Fortinet’s SIEM FortiSIEM within seconds.
- StationGuard effectively traces alarms to events in the grid. These highly intelligent alarm messages are, thus, directly available in FortiSIEM and help your Security Operations Center (SOC) analysts to make the right decision immediately.
- Fortinet’s SIEM application enables immediate incident responses and deeper analysis of StationGuard events in correlation with other messages. These are integrated in Fortinet's User and Entity Behavior Analytics (UEBA) engine.
- OMICRON's OT expertise and know-how is anchored in the SOC. This results in improved visibility of OT threats in the enterprise and provides comprehensive protection against attacks on IT as well as OT.
Implement StationGuard into your FortiSIEM account in 5 simple steps:
StationGuard Integration FortiSIEM (Integration Note), 420 kB
All the benefits of our joint solutions so far:
StationGuard and Fortinet (Solution Brief) 193 kB
NTS designs, installs, and supports solutions in the digital space, thus turning IT products into holistic strategies. Together with high-end manufacturers, NTS assumes digital responsibility and creates IT solutions with reliable services for the areas of network, security, collaboration, cloud, and data center.
We provide you with security operations that master all cybersecurity, monitoring, and electric grid requirements. With the combined know-how of IT and OT, we empower you to achieve unprecedented levels of IT/OT security and reliability through cross-industry expertise.
Combine OMICRON StationGuard with NTS Threat Detection Service
OMICRON’s OT intrusion detection solution StationGuard monitors Ethernet networks in the grid and identifies cyber threats, unauthorized activities, malfunctions, and vulnerabilities. This combination of cybersecurity and functional monitoring can identify not only new threats and as yet unknown attack scenarios, but also various types of malfunctions.
All security-relevant information around your IT and OT infrastructure is analyzed in real time in the NTS Threat Detection Service. The specially trained NTS Defense SIEM Team examines all suspicious events and evaluates them in terms of threat and urgency.
Benefits of the joint NTS Threat Detection Service and OMICRON StationGuard solution:
- OT knowledge-enriched alerts and an easy-to-understand dashboard help assessments and incident responses.
- Our OMICRON OT Security Team attends to the cybersecurity of power utility automation systems. It is in constant communication with the NTS Defense Team to guarantee swift responses to security incidents (e.g., data breaches) as well as the delivery of time-critical information about potential threats to the grid. Our support for any arising threat is practically immediate.
- You enjoy the improved visibility of OT threats in the enterprise and comprehensive protection against attacks on IT as well as OT.
Splunk handles the searching, monitoring, and analysis of machine-generated big data via a web-style interface. Splunk captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, interfaces, and visualizations.
As technological partners, we not only care for the compatibility of our solutions but also enhance their quality in the process. Splunk’s extensible data platform powers unified security, full-stack observability, and limitless custom applications. Key aspects of our partnership include solutions for monitoring and troubleshooting traditional as well as cloud-native technologies to meet your business needs.
OMICRON StationGuard App on Splunkbase
Download the OMICRON StationGuard App on Splunkbase here.
Our OT intrusion detection solution StationGuard monitors Ethernet networks in the power grid and identifies cyber threats, unauthorized activities, malfunctions, and vulnerabilities. This combination of cybersecurity and functional monitoring identifies new threats and as yet unknown attack scenarios as well as various types of malfunctions.
The StationGuard App for Splunk maps and visualizes the data received from a StationGuard device (via TCP/UDP) in a decidedly clear and customizable way. Splunk allows StationGuard to expand its functionality and report structure.
To integrate StationGuard devices into a Splunk environment, we provide a preconfigured Splunk application, which can be installed and used on a Search Head or a single-host installation of Splunk. It creates the proper data inputs, a source type, and the event types to be used for the StationGuard logs. The fields in the syslog events are then parsed and used in the corresponding views. Finally, these fields are mapped to the corresponding Splunk Common Information Model (CIM) for intrusion detection and monitoring. To visualize data from StationGuard devices, two initial dashboards are included in the StationGuard app.
Benefits of the joint OMICRON StationGuard on Splunkbase solution:
- Operational technology knowledge-enriched alerts and easy-to-understand dashboards support assessment and immediate incident response.
- Continual, problem-free signal mapping through compatible Splunk SIEM integration – now and in the future.
- Easy setup of new rules and functional enhancement to the report structure, i.e., reports can be run at any time and fetch fresh results with every run; the reports can be shared with other users and added to graphs and other interfaces.
- Improved capability of discovering security threats to the power system in the enterprise and comprehensive protection against attacks on IT as well as OT.
ALSEC Cyber Security Consulting AG specializes in the protection of energy and industrial systems. Their knowledge is based on over 65 years of experience in this field. Their cybersecurity experts support you with proficient and individual services, from training and the development of processes to the evaluation of products and their implementation.
The consulting capacity of our partnership provides a collaborative learning base for you. Our goal is to help you improve your cybersecurity through threat intelligence with higher resilience, and to minimize the impact of security-related disruptions to your utilities and the grid.
We strengthen your overall infrastructure and resilience against cyberattacks by improving today's infrastructure security, thereby targeting emerging threats from the get-go. Risks are identified through data collection. Using our collective wealth of experience, we help you develop, evaluate, and manage actions based on the situation. In addition, through the combined IT and OT approach, we create a holistic awareness of the threats in your company and thus achieve rapid learning effects together.
In line with our core values
We expect nothing less from our partners
Accordingly, we select our partners carefully and after much consideration. We only collaborate with organizations that share our core values and provide our customers and the community with the best solutions to rapidly evolving, global cyber threats.
Together we optimize OT and IT Security for your benefit!