Skip to content

SCADAfence 在 2022 年 RSA 會議期間榮獲三項著名的信息安全獎

SCADAfence Wins 3 Awards at RSA 2022 – 1. Most Innovative Governance, Risk and Compliance (GRC) 2. Next Gen ICS/SCADA Security  3. Most Innovative Internet of Things (IoT) Security  

San Francisco, California June 6, 2022 – SCADAfence, the global technology leader in OT & IoT cyber security, is proud to announce we have won the following awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine:

  • Most Innovative Governance, Risk and Compliance (GRC)
  • Next Gen ICS/SCADA Security
  • Most Innovative Internet of Things (IoT) Security

SCADAfence has won the award for Most Innovative Governance, Risk and Compliance (GRC) in recognition of the governance portal, which provides a multi-site regulatory and policy compliance framework. The portal provides companies with OT networks increased readiness and compliance for organizational policies and regulations. The SCADAfence governance portal is unique in the marketplace, that allows organizations to audit compliance based on real traffic data across multiple sites, and provides ready-to-use compliance dashboard and reports. SCADAfence is currently the only vendor who offers this technology.

Additionally, SCADAfence has won the award for Next Gen Next Gen ICS/SCADA Security since they have a unique Micro Granular Baseline technology. This technology learns every device granularly, per asset and per traffic characteristics. This unique technology provides the most accurate detection mechanism, and dramatically reduces false-positives without the need to reconfigure the baseline upon any changes. Customers get baselining results in hours vs weeks and it keeps getting smarter with advanced AI capabilities.

SCADAfence has also won the award for Most Innovative Internet of Things (IoT) Security, for their ability to provide comprehensive protection to complex industrial IIoT networks comprising thousands of devices from various manufacturers with multiple vulnerabilities.

“We’re thrilled to receive one of the most prestigious and coveted cybersecurity awards in the world from Cyber Defense Magazine” said Elad Ben-Meir, CEO of SCADAfence. “We knew the competition would be tough and fierce. We couldn’t be more pleased to be recognized as Innovators and leaders in the OT security industry.”

“SCADAfence embodies three major features the judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help stop the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.

We’re thrilled to be a part of  this coveted group of winners, located here: www.cyberdefenseawards.com/

About SCADAfence

SCADAfence is the global technology leader in OT & IoT cyber security. The SCADAfence platform enables organizations with complex OT networks to embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. The non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and governance with minimal false-positives. SCADAfence delivers proactive security and visibility to some of the world’s most complex OT networks, including the largest manufacturing facility in Europe. SCADAfence enables organizations in manufacturing, building management and critical infrastructure industries to operate securely, reliably and efficiently. To learn more, go to http://www.scadafence.com

About CDM InfoSec Awards

This is Cyber Defense Magazine’s eighth year of honoring InfoSec innovators. Our submission requirements are for any startup, early stage, later stage or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at http://www.cyberdefenseawards.com

About the Judging

The judges are CISSP, FMDHS, CEH, certified security professionals who voted based on their independent review of the company submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking “What’s Next?” so we are looking for Next Generation InfoSec Solutions.

About Cyber Defense Magazine

With over 5 Million monthly readers and growing, and over 17,000 pages of searchable online infosec content, Cyber Defense Magazine and our sister magazine being announced after the show is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and special editions exclusively for the RSA Conference. CDM is a proud member of the Cyber Defense Media Group, a division of Ingersoll Lockwood. Learn more about us at http://www.cyberdefensemagazine.com and visit http://www.cyberdefensetv.com and http://www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives.

As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques.

Ripple20 are 19 vulnerabilities revealed by Israeli firm JSOF that affect millions of OT and IOT devices. The vulnerabilities reside in a TCP/IP stack developed by Treck, Inc. The TCP/IP stack is widely used by manufacturers in the OT and IoT industries and thus affects a tremendous amount of devices.

Among the affected devices are Cisco Routers, HP Printers, Digi IoT devices, PLCs by Rockwell Automation and many more. Official advisories by companies who confirmed having affected devices can be found here, in the “More Information” section.

The most critical vulnerabilities are three that can cause a stable Remote Code Execution (CVE-2020-11896, CVE-2020-11897, CVE-2020-11901) and another that can cause the target device’s memory heap to be leaked (CVE-2020-11898).

On behalf of our customers, we set out to explore the real impact of these vulnerabilities, which we’re now sharing with the public.

The research has been conducted by researchers Maayan Fishelov and Dan Haim, and has been managed by SCADAfence’s Co-Founder and CTO, Ofer Shaked.

Exploitability Research
We set out to check the exploitability of these vulnerabilities, starting with CVE-2020-11898 (the heap memory leak vulnerability), one of the 19 published vulnerabilities.

We created a Python POC script that is based on JSOF official whitepaper for this vulnerability. According to JSOF, the implementation is very similar to CVE-2020-11896, which is an RCE vulnerability that is described in the whitepaper. Also mentioned about the RCE vulnerability: “Variants of this Issue can be triggered to cause a Denial of Service or a persistent Denial of Service, requiring a hard reset.”

Trial Results:
Test 1 target: Samsung ProXpress printer model SL-M4070FR firmware version V4.00.02.18 MAY-08-2017. This device is vulnerable according to the HP Advisory.

Test 1 result: The printer’s network crashed and required a hard reset to recover. We were unable to reproduce the heap memory leak as described, and this vulnerability would have been tagged as unauthenticated remote DoS instead, on this specific printer.

Test 2 target: HP printer model M130fw. This device is vulnerable according to the HP Advisory.

Test 2 result: Although reported as vulnerable by the manufacturer, we were unable to reproduce the vulnerability, and we believe that this device isn’t affected by this vulnerability. We believe that’s because the IPinIP feature isn’t enabled on this printer, which we’ve verified with a specially crafted packet.

Test 3 target: Undisclosed at this stage due to disclosure guidelines. We will reveal this finding in the near future.

Test 3 result: We found an unreported vendor and device, on which we can use CVE-2020-11898 to remotely leak 368 bytes from the device’s heap, disclosing sensitive information. No patch is available for this device. Due to our strict policy of using Google’s Responsible Disclosure, we’ve reported this to the manufacturer, to allow them to make a patch available prior to the publication date.

Key Takeaways
We’ve confirmed the exploitability vulnerabilities on our IoT lab devices.

On the negative side: The vulnerabilities exist on additional products that are unknown to the public. Attackers are likely to use this information gap to attack networks.
On the positive side: Some devices that are reported as affected by the manufacturers are actually not affected, or are affected by other vulnerabilities. It might require attackers to tailor their exploits to specific products, increasing the cost of exploitation, and prevent them from using the vulnerability on products that are reported as vulnerable.

SCADAfence Research Recommendations
Check your asset inventory and vulnerability assessment solutions for unpatched products affected by Ripple20.
The SCADAfence Platform creates an asset inventory with product and software versions passively and actively, and allows you to manage your CVEs across all embedded and Windows devices.
Prioritize patching or other mitigation measures based on: Exposure to the internet, exposure to insecure networks (business LAN and others), criticality of the asset.
This prioritization can automatically be obtained from tools such as the SCADAfence Platform.
Detect exploitation based on network traffic analysis.
The SCADAfence Platform detects usage of these exploits in network activity by searching for patterns that indicate usage of this vulnerability in the TCP/IP communications.
If you have any questions or concerns about Ripple20, please contact us and we’ll be happy to assist you and share our knowledge with you or with your security experts.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

INDIANAPOLIS, August 4, 2020 — Scale Computing, a market leader in edge computing, virtualization, and hyperconverged solutions, today announced it is experiencing increased demand for its HC3 virtualization platform across the healthcare industry.

The healthcare industry is consumed with the need to simplify the management of IT assets and reduce the time and effort expended on maintaining the current IT environment. Paris Community Hospital, Riverwood Healthcare Center, Costa Salud Community Health, and North Valley Hospital all faced significant IT challenges. These included a need to enable virtualization without complexity, improve availability of critical workloads, improve disaster recovery, and solve single vendor support of infrastructure, all while needing to meet an affordable price point.

Paris Community Hospital, part of Horizon Health, is a 25-bed critical-access hospital located in Paris, Illinois. It is a full-service provider that includes emergency medicine, surgery, rehabilitation services, radiology, diabetes education, and more. The company’s four-person IT team turned to Scale Computing to simplify the management of its IT assets and reduce the time and effort expended on maintaining the environment. Scale Computing HC3 provided a cost-effective way to simplify its IT infrastructure and VDI management as well as improved performance. It also delivered enhanced security and control and enabled rapid deployment of virtual desktops, cutting time-to-implementation from a week to two hours.

Edgar Weeks, information services manager, Paris Community Hospital, comments: “With the previous environment, the high cost of maintenance and replacement, as well as the overhead required to go through so many devices and workstations individually, was a serious issue for a small, lean organization like us. Scale Computing delivered a solution that has addressed all the challenges we faced more cost-effectively than all other options. We can add users faster, manage connections more effectively, provide better control over user access and deliver vastly improved security.”

Riverwood Healthcare Center has been providing care to residents of Aitkin County in Northern Minnesota for more than 60 years. Riverwood IT leadership turned to Scale Computing to help virtualize their operations and fortify their disaster recovery efforts with a single vendor. The Scale Computing HC3 solution simplified the center’s efforts, working across its entire infrastructure and reducing the time the Riverwood IT team spends managing its infrastructure by nearly 25%, and with a much smaller footprint.

Mike Kongsjord, IT administrator, Riverwood Healthcare Center, stated: “HC3 reduced time in implementation, making our response to requests more efficient, thus increasing satisfaction. Overall maintenance of the device is much less than supporting physical servers.”

Costa Salud Community Health is located in Rincon, Puerto Rico. The health center’s general practitioners provide comprehensive, continuous and primary healthcare services to patients. Costa Salud Community Health was looking for a single vendor solution to support its infrastructure and improve disaster recovery, all at an affordable cost. It turned to Scale Computing’s HC3 for hypervisor licensing renewal and to support higher uptime SLAs for critical workloads. Thanks to its built-in high availability, HC3 decreased the time spent recovering from a hardware failure running a critical workload from 1-8 hours to less than 10 minutes (an 83-97% reduction in recovery time). Scale Computing’s solution also reduced the time the IT staff spends managing infrastructure by more than 75% after deployment of HC3.

Ismael Ruiz, IT vice president, Costa Salud Community Health, commented: “The Scale Computing solution was very interesting from the beginning. Employees do not need certifications to use the platform. Also, we do not have to be constantly upgrading. One opportunity we saw apart from the cost was support. No matter the time, a service engineer always helps us by phone in a short time. In our case, we evaluated a lot of products and HC3 was the best suited for our operations.”

North Valley Hospital, located in Washington state, strives to provide quality patient care and education that enhances the health and well-being of its communities. While struggling to find availability to accompany its critical workloads and enable virtualization without complexity, North Valley Hospital looked to Scale Computing. Scale Computing’s HC3 not only addressed those issues, but also improved disaster recovery. The high availability built into HC3 allowed North Valley Hospital to decrease the recovery time needed for a hardware failure running a critical workload, from 8-24 hours to less than 10 minutes (97-99% reduction in recovery time). In addition, after deploying HC3, the amount of time the IT staff spends managing infrastructure was reduced by 50-74%.

Carlos Antuna, IT manager, North Valley Hospital, commented: “HC3 reduced complexity and increased availability.”

“When it comes to IT, healthcare organizations face many of the same challenges as any other organization, including limited budgets and scalability. Healthcare organizations also face challenges related to storing, managing and protecting critical patient data and research data and keeping systems available to handle critical care,” said Jeff Ready, CEO and co-founder, Scale Computing. “Healthcare organizations of all types have been choosing HC3 hyperconverged infrastructure from Scale Computing to serve their IT infrastructure needs. HC3 offers simplicity, scalability, availability, and affordability to organizations who need to streamline operations with a reliable solution. Whether a healthcare organization is specialized in emergency services, mental health, medical imaging, research or any other aspect of care, HC3 is the smart choice.”

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Scale Computing
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.