In this installment of our 9-part series, we feature our portfolio company Indegy, an industrial cybersecurity solution that has enterprise-class OT security capabilities to protect businesses and their critical infrastructure.
1. Vertex Perspectives
Industrial Cybersecurity
Indegy is committed to protecting businesses,
critical infrastructure and governments from
cyber threats, malicious insiders and human
error by delivering comprehensive set of
enterprise-class OT security capabilities to
ensure safety and reliability of complex
industrial control system environments
Counter-Drone Solutions
for Urban Environments
2. Company Snapshot
TEAM INVESTORS HIGHLIGHTS
Founders • Founded in 2014
• HQ: New York, US
• R&D: Tel Aviv, Israel
• Series B
• Multiple awards including
• E.ON agile accelerator corporate
challenge
• Gartner “Cool Vendor”: Digitalisation
through Industrie 4.0
• Frost & Sullivan 2017 Product Leader
in ICS for Pharmaceutical
Manufacturing
Shlomo Kramer
General (Ret) David H. Patraeus
Barak Perelman, CEO
Graduate of Israel’s elite Talpiot
military academy and brings over 15
years of hands-on experience in
cybersecurity strategies and
protection of critical infrastructures.
Mille Gandelsman, CTO
Graduate of Israel’s elite Talpiot
military academy and has led
engineering efforts for Stratoscale and
several years leading cybersecurity
research for IDF’s intelligence corps.
Ido Trivizki, VP R&D
An avid systems researcher of various
computing technologies, Ido served as
captain in IDF’s intelligence corps and
led award winning projects. He was
also lead developer at Stratoscale.
3. Industry Challenges
ICS lack visibility and security controls
Industrial Control Systems (ICS) are no longer isolated, static
systems. They are connected to the enterprise and are subject to the
same security risks that threaten downtime from malware, attacks,
insider threats, human error, and failed system maintenance.
Existing solutions fall short –
Traditional IT
• No coverage of OT assets for vulnerability and configuration
• No visibility into the unique patterns and protocols of ICS attack
traffic
Network only OT solutions
• Blind to changes from local maintenance
• Lack context of endpoint state during attack
• Inability to gather reliable patch & risk data
As OT systems were traditionally segregated and isolated, controllers
were not architected to address the security threats or human errors
now experienced. In addressing this relatively new security threat, it is
essential to gain visibility to the entire ICS environment.
4. Solution Overview
Indegy Cybersecurity Suite is purpose-built for ICS networks. It is an
all-in-one turnkey appliance that offers:
• Asset tracking: full asset discovery and automated inventory
• Threat detection & mitigation: monitors for both cyber threats
and operational mistakes, generates alerts based on detection of
behavioural anomalies and predefined policy conditions
• Vulnerability management: periodic reports of risk levels for each
of the assets in the ICS network
• Configuration control: Tracks and logs all engineering activities
taking place in ICS environment
• Enterprise visibility: Comprehensive view of the IT & OT
environment reporting and integration with third party solutions
Access Indegy’s e-book to learn how ICS cybersecurity solution can
provide visibility, security and control of OT network and critical
infrastructure.
5. Solution Overview
Hybrid technology engineered for OT networks – combination of passive monitoring with native active querying
• Trigger device integrity checks after
suspicious network activity
• Rule out false positives,
provide more context
• What user was logged in?
• What processes were running?
• “Login attempt” identified, did it work?
• “Code download” identifies, what was
the key state at the time?
The other vendors had a
more passive monitoring
solution. Indegy does both
the passive and active
component which was a
real value to us.
-- Steve Worley,
SCADA Security Manager,
City of Raleigh NC
”
“
6. Case Studies
Secure industrial operations across multiple sectors
Customer Spotlight: City of Raleigh Public Utilities Department
• Use Case: Ensure safety and sustainability of public utilities
• Background: To detect potential security threats that could
potentially harm the water supply and disrupt critical services, the
Public Utilities department required full visibility and control of
changes made to PLCs and other key devices in its industrial
environment. The manual processes previously used for inventory
management were both time-consuming and error-prone, making it
difficult to maintain an up-to-date and accurate inventory of ICS
assets, which is crucial for risk assessment and regulatory
compliance
• Results:
o Automated asset discovery: within minutes of installing
Indegy’s solution, the department was able to automatically
gather and display “huge amounts of data on out network that
would have taken weeks to gather manually”
o Real-time threat detection: ability to actively query PLCs and
learn what changes has been made was a major advantage
especially with contractors or systems integrator who made
changes to PLCs on regular basis
7. Competitive Advantage
Better. Faster. With greater visibility & control.
• Unparalleled product depth for collecting and analyzing data
o Indegy’s Device Integrity technology allows active
detection technology in conjunction with passive network
monitoring – a unique hybrid threat detection engine
• Combination of anomaly detection and ICS aware policies
• Patented device integrity technology
• Plug and play deployment creates immediate value
• Acclaimed by industry experts with global partners including
o SIEM: Radar, McAfee, Splunk, RSA Netwitness Log Rhythm
o Applications: Palo Alto Networks, Fore Scout, McAfee,
RSA Archer, Fortinet
o Consulting & integration: Mckinsey & Co, IBM, EY,
Accenture, Wipro, Booz Allen Hamilton
8. Thanks for reading!
About Vertex Ventures
Vertex Ventures is a global network of operator-investors who manage portfolios
in the US, China, Israel, India and Southeast Asia. Vertex teams combine first-hand
experience in transformational technologies, on-the-ground knowledge in the
world’s major innovation centers and global context, connections and customers.
Contributors
Disclaimer
This presentation has been compiled for informational purposes only. It does not constitute a recommendation to any party. The presentation relies on data and insights from a wide range of sources including public and private companies, market research firms, government agencies and
industry professionals. We cite specific sources where information is public. The presentation is also informed by non-public information and insights. Information provided by third parties may not have been independently verified. Vertex Holdings believes such information to be reliable
and adequately comprehensive but does not represent that such information is in all respects accurate or complete. Vertex Holdings shall not be held liable for any information provided. Any information or opinions provided in this report are as of the date of the report and Vertex Holdings
is under no obligation to update the information or communicate that any updates have been made.
Please stay tuned and do let us know if you’d like to subscribe to future issues of Vertex Perspectives.
Vertex Perspectives: Cybersecurity Series
• Cybersecurity | Risk. Impact. Innovations.
• Cybersecurity | Axonius: Asset Management Platform
• Cybersecurity | Cylus: Railway Cybersecurity
• Cybersecurity | Cymulate: Breach & Attack Simulation
• Cybersecurity | D-fend: Counter-Drone Solutions for Urban Environments
• Cybersecurity | Indegy: Industrial Cybersecurity
• Cybersecurity | Meta Networks: NaaS Software Defined Perimeter
• Cybersecurity | PerimeterX: Next Generation Bot Defense
• Cybersecurity | Very Good Security: SaaS Platform for Data Security