PAS is pleased to announce the release of Cyber Integrity™ v5.5.0. It provides secure configuration baselining for process control networks (PCNs). Now it is easier to develop, document, and maintain baselines so you can sustain compliance and assure secure operations.
The PAS secure configuration baselining makes it easier to include the specific industrial endpoints and configuration items that matter most. In addition, it provides the capability to quickly identify baseline deviations and to create/manage workflows for the identified deviations.
For additional information:
New capabilities include:
- Include and exclude desired cyber assets – For any given baseline, assets can be included individually or by unit, plant, company as per the asset hierarchy.
- Leverage pre-built best-practice templates to simplify baseline development – Eliminate the vast majority of work needed to identify security configuration object/attributes that should be included based on asset type and criticality with PAS supplied templates.
- Develop custom baseline templates to meet organizational goals and plant/unit needs – Customize what configuration object/properties are included in a baseline so that just about any unit, plant, or company needs can be met.
- Continuously identify industrial endpoint baseline deviations – Isolates the changes so that cybersecurity teams can be more effective and don’t have to wade through hundreds or thousands of non-security impacting changes.
- Review baseline deviations and initiate research and remediation workflows – Quickly assess identified deviations – approve, reject, or initiate investigation workflows and track through to conclusion.
- Track roll-back progress for unapproved changes – Leverage the Cyber Integrity workflows to assign tasks when baseline deviations are rejected to ensure that endpoint configurations are corrected.
- Compare historical baselines to isolate when a particular change may have been introduced – By default, ten documented baselines are retained – compare any of these to the current baseline to isolate when a particular change occurred.
- Retain baseline deviation research and due diligence artifacts and workflows – Auditors often want to see samples and proof of due diligence procedures – all workflows and associated documentation and notes are retained.