Threat Feeds

 ICS SCADA feeds (External)

External ICS/SCADA Feeds: 
We have deployed the industry’s most extensive global deployed Honeypot network - our approach ensure that the attackers are interacting with real equipment/ believable simulators to ensure the best possible threat data. The data are then improved, adding a numbers of Tags to drill down the data, e.g marking; 'known' scanners (SHODAN, Rapid7 etc), special movement/preference and signature of the tools/Zero-days used (whenever possible).

Our Honeypot network current support the following ICS/SCADA- specific software/devices including;
  • Various PLC's vendors
  • Various Industrial Firewall & Industrial network vendors
  • Industrial Ethernet-to-serial converters 
  • HMI and other industrial equipment
To catch real attackers - you do need equipment, that looks and feels real!

Some user cases;

I'm a National CERT - I would like to know who's attacking infrastructure located in my country.

We can provide attack data from our global deployed network- please contact us for more info

I'm a National CERT - I would like to know who's attacking others from IP addresses located in my country.

We can provide attack data from our global deployed network- please contact us for more info

I'm a Security company, who provides "Early Breach warning" to my clients.

We can provide attack data from our global deployed network - then you can compare that data with your clients IP adresses and alert them whenever a device from them attacks our honeypots.

I do need to build a in-house early warning system with Honeypots - what to do ?

We can provide expert education within the whole lifecycle; planning, building, deployment and practical usage of Honeypot as Early warning detection and prevention.