Past Events & Webinars

While active penetration testing is necessary for vulnerability detection, it poses the risk of accidental damage. As an alternative, Radiflow proposes a TI-based breach simulation method for OT networks.

Qualitative risk analysis is based on subjective opinions of Subject Matter Experts (SME). Heat-maps, risk matrices, red/yellow/green prioritization of risk factors and more are all subjective perceptions that can span a wide range of values. Priority levels are not…

Liron Benbenishti, Cyber Security Researcher at Radiflow, analyzes the 2015 Ukraine power grid attack using the ISA/IEC 62443-3-3 standard, which determines the actual security levels and evaluates the required security level that could have prevented the attack.

Ilan Barda, Radiflow CEO, reviews the state of OT cyber-security in 2020 and extrapolates the trends in 2021 and beyond, including WFH, the SolarWinds attack, ransomware in OT, OT-MSSPs and governing standards (e.g. IEC62443).

Radiflow CEO Ilan Barda discusses the key takeaways and trends regarding the SolarWinds security attack, and proposes guidelines for protecting industrial networks against such supply-chain type attacks.

Radiflow’s next-generation industrial security monitoring systems provide a fully automated suite for asset data collection, data-driven analysis and transparent risk metrics calculation.

Takeaways from our expert panel, with guests from Forrester & Siemens, on the importance of IEC62443-compliant risk assessment & management toward optimizing OT cybersecurity.

Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture.

Steganography-based attacks on ICS networks are on the rise, some using the interconnectivity between the organization and its vendors/suppliers. Mitigation includes OT/IT network segregation; raising awareness among employees; and installing an IDS (e.g. Radiflow iSID) to detect anomalous network behavior.

Radiflow CEO llan Barda’s presentation at zenonIZE 2020 focuses on Analysis of Gaps and Mitigations in an OT network for IEC62443 compliance, and namely streamline the flow of security alerts between the security system (IDS) and the operations personnel and IT professionals.

The new iSID v5.7 introduces over a dozen improvements including automatic asset identification, threats prioritization using dynamic risk calculation and refined Deep Packet Inspection (DPI) across an expanded suite of OT protocols.

Evidence related to recent cyber-attacks against Honda and the Enel Group using the EKANS/SNAKE malware suggests that the attackers in both cases took advantage of both companies’ move to grant employees remote network access.

BleepingComputer had recently reported about highly-targeted steganography-based attacks on industrial enterprises, by means of sending malicious payloads hidden in ordinary images to supply chain vendors and 3rd-party collaborators.

Radiflow CPO Michael Langer discusses the context of a cyber-attack on an Iranian seaport that had been attributed to Israeli operatives as retaliation to an attack against Israeli water facilities attributed to Iranian operatives.

A leading Israeli news outlet recently reported that water/wastewater facilities in Israel were subject to cyber attacks. Radiflow CPO Michael Langer presents his analysis of the incident based on available information and prior attacks on water facilities, as well as recommendations for mitigation and network hardening.

This case study covers a deployment at a large Central European power plant, consisted of the iSID Industrial (OT) Threat Detection & Analysis System, iSAP Smart Collector and iSEG-3180 DPI-Firewall/Secure Gateway.

Securing an offshore rig introduces logistical challenges involving physical access and communications. Radiflow’s solution, included its iSID Industrial Threat Detection and Analysis System and iCEN Central Management System.

Given the level of access provided through remote connectivity, attackers are likely to take advantage of vulnerabilities to gain internal network access to the OT network.

Beyond typical BMS functions, hospitals operate a myriad of interdependent critical systems that require uninterrupted uptime. When it came to securing a major hospital campus in the EMEA campus, Radiflow’s OT security solutions were the obvious choice.

Mr. Rani Kehat, Radiflow VP Business Development, shares his predictions and recommendations for securing industrial networks, in light of trends including new attack tactics, techniques and procedures.

The security implications of quickly moving a large number of employees to remote working are especially crucial in ICS-based enterprises (manufacturing and critical infrastructure).

The ransomware attack on Visser Precision, a Denver, Colorado-based precision parts maker, continues the trend of industrial organizations affected by IT malware. It also endangers customers and suppliers up and down the supply chain.

Radiflow CEO Ilan Barda provides insights on OT-MSSPs and their advantages to manufacturing organizations that lack the skilled personnel to man an in-house SOC.

The Radiflow Security BlogThe Cybersecurity and Infrastructure Security Agency (CISA) has recently reported a malware attack affecting control and communication assets on the operational technology (OT) network of a natural gas compression facility Here’s what we...

Which exploited were the most common in 2019? The list includes two vulnerabilities in Adobe Flash Player, four vulnerabilities affecting Microsoft’s Internet Explorer browser, three in MS Office and one WinRAR bug.

In this guest post, Mr. Yishai Shafran, Yanai’s Cyber Defense department manager, describes the company’s evolution into become a leading OT-MSSP and its collaboration with Radiflow.

A notorious Iranian hacker group, “APT33”, has been observed shifting its targets from IT networks toward critical industrial (OT) infrastructures such as power generation, manufacturing and oil refineries. It is unclear at this time is APT33 is…

SCADA/ ICS and similar MODBUS-based systems were always the target of many types of attacks. These systems become much more vulnerable. MODBUS communication protocol is a widespread communication standard in the critical infrastructures field…

​Last week, Radiflow took part in Palo Alto Network’s Ignite 2019 conference, a meeting place for Palo Alto Network’s EMEA IT security partners, held in Barcelona, Spain. Radiflow participated…

Last month I attended The International Critical Infrastructure Security Showdown (CISS) 2019 challenge as part of the Radiflow Blue team. (You can read all about the CISS challenge in our security brief, which describes each and every…