Ornamental dots. Two rows of three dots. The top row is a light blue. The bottom row is one light blue dot followed by two orange dots. Blog

A Founder’s Perspective on the S4 ICS Detection Challenge

Damiano Bolzoni, VP, OT and Industrial Business | January 23, 2018

The first ICS Detection Challenge took place last week in Miami during the world-renowned S4 event, attracting more than 400 ICS cybersecurity researchers and practitioners. When we heard about this opportunity at SecurityMatters, we signed up within a few hours. We were eager to benchmark ourselves against other industry leaders and showcase our capabilities during the first-ever public test for ICS cybersecurity products. We are very grateful to Dale Peterson, Eric Byres, Ron Brash and John Cusimano for the countless hours they put into this!

The outcome of the challenge is clear. Three vendors have very close and comparable capabilities, despite “every product (being) very good at something different”, as pointed out by the organizers. SecurityMatters’ SilentDefense achieved some remarkable results in the Detection phase of the challenge:

  • It ranked first in three detection categories (Delivery/Penetration, Lateral movement, Self Inflicted User Error).
  • It was the only product to score points in 9 categories out of 10.
  • It was the product with most first places and most ties for first place.

These results make SilentDefense a top product for detecting a wide range of threats out of the box.

A Founder's Perspective On The S4 ICS Detection Challenge 1

Categories in which the product scored points Categories in which the product won Categories in which the product tied for 1st place
SecurityMatters 9/10 3/10 3/10
Nozomi 8/10 2/10 2/10
Claroty 5/10 0/10 2/10
Gravwell 4/10 1/10 1/10

Anomaly Detection Results

The organizers also praised SilentDefense for its “excellent details on security issues”.

This is not a surprise for us, given our background and the foundations we laid down 9 years ago, a few months before Stuxnet was uncovered. SilentDefense was conceived as a network monitoring platform with advanced anomaly detection capabilities based on payload analysis. This is “academic jargon” for saying that it aims at detecting (unknown) exploits delivered by injecting data, like buffer and heap overflows for example. SecurityMatters has been awarded two patents for these capabilities.

In a shifting geopolitical scenario where nation states leverage cyber attacks to remotely affect operations at electric-power utilities or oil installations, advanced threat detection capabilities are paramount, and SilentDefense delivers out-of-the-box coverage and detection for a wide range of threats, not just when a malware changes the PLC configuration, but at the moment the malware makes its way into the network (the Delivery/Penetration category of the contest).

Over the years, SilentDefense has further evolved to meet additional customer requirements, like those related to asset inventory and vulnerability assessment, and has been expanded to detect operational errors and network misconfiguration (we call this the “Industrial Threat Library”, a proprietary knowledge base of 300+ ICS-specific threat indicators). The combination of best-in-class cyber threat detection highlighted in the challenge and its ability to provide daily operational value and support to our customers is what makes SilentDefense the unique product it is today.

This success would have not been possible without our amazing team. Not only those brave guys who spent two half days battling with other high-profile competitors, but also those who contribute to the product every day. A big thanks to all of you guys!

SecurityMatters has grown significantly since our first round of external investment in September 2016. Over the past 16 months we quadrupled our revenue and tripled our head count, reaching more than 50 people, all while breaking even from a financial perspective. We established partnerships with large ICS vendors and key IT players with whom we are serving customers on 5 continents and 10 different industrial verticals. These are significant achievements for a start-up that did not raise tens of millions in external funding, but generated real revenue through engagements with customers. In this journey, we have been lucky enough to have been joined by primary industrial groups including Robert Bosch, KPN, Phoenix Contact and a leading financial investor, Emerald Ventures, all providing us with unmatched business opportunities and strategical support.

As one of the founders of SecurityMatters, I can only be proud of what we have built and cannot wait to find out what tomorrow will bring!

To learn more about SilentDefense and its capabilities, check out our Solution Brief.


Demo Request Forescout Platform Top of Page