The Leading Solution for
Real-time Cybersecurity and Visibility
for Industrial Control Networks
www.nozominetworks.com / CONFIDENTIAL
Nozomi Networks; Leading ICS Cybersecurity
FOUNDED: Since Oct 2013, ~$24m invested
DEVICES: +200,000 Monitored
CUSTOMERS: +200 Global Installations
SERVING VERTICALS
Convergence of Industrial Control Networks and Traditional IT
In the past, they were …
• Isolated from IT
• Run on proprietary control protocols
• Run on specialized hardware
• Run on proprietary embedded operating systems
• Connected by copper and twisted pair
Now they are …
• Bridged into corporate networks
• Riding on common internet protocols
• Running on general purpose hardware with IT origins
• Running mainstream IT operating systems
• Increasingly connected to wireless technologies
What was air gapped and proprietary is now connected and general purpose
• Connectivity: ICSs are growing more automated, efficient and intelligent. This has also exposed the typical ICS (MES, DCS, etc.) to new vulnerabilities and cyber threats that must be managed with new technologies.
• Domain-specific technologies: Many technologies require specialized knowledge of industrial control systems technology & communications. Enterprise IT security technologies are not ICS-aware.
• Operational Technology deficiencies: PLCs and RTUs are computers with low computational power, built for controlling physical components such as valves, pumps, motors, etc.
Typical SCADA Components are Vulnerable
• Lack of authentication
• Lack of encryption
• Backdoors
• Buffer overflow
• Tailored attacks on physical control components
[Diagram label: PLCs, Controllers, RTUs, PACs]
ICS Cybersecurity: Making the Headlines
A Worm in the Centrifuge - Stuxnet
30 Sept. 2010
An unusually sophisticated cyber-weapon is mysterious but important. A new software “worm” called Stuxnet …

A Cyberattack Has Caused Confirmed Physical Damage
30 Sept. 2015
Massive damage by manipulating and disrupting control systems at German steel mill

U.S. Finds Proof: Cyberattack on Ukraine Power Grid
3 Feb. 2016
Almost immediately, investigators found indications of a malware called BlackEnergy.

The Ukraine’s Power Outage Was a Cyber Attack
18 Jan. 2017
A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack and investigators are trying to trace other potentially infected computers.

Industroyer; A Cyberweapon can disrupt Power Grids
12 June 2017
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to U.S. researchers.

Hackers halt plant operations in watershed cyberattack
15 Dec. 2017
Schneider confirmed that the incident had occurred and that it had issued a security alert to users of Triconex, which cyber experts said is widely used in the energy industry, including at nuclear facilities, and oil and gas plants.

Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors
This joint Technical Alert (TA) from the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) covers Russian cyber actions targeting U.S. Government entities, and critical manufacturing sectors.
What is SCADAguardian?
[Diagram labels: Process Networks, Control Network, SCADAguardian]
SCADAguardian implements an innovative technology for monitoring and assessing Industrial Control Systems.
• Is an appliance (physical or virtual) that connects to the industrial network passively and non-intrusively
• Listens passively to all traffic within the control and process networks, analyzing it at all levels of the OSI stack (L1 to L7)
• Uses Artificial Intelligence and Machine Learning techniques to create detailed behavior profiles for every device according to the process state to quickly detect critical state conditions
• Provides best-in-class network visualization, asset management, ICS anomaly and intrusion detection, vulnerability assessment, as well as dashboards and reporting
One Comprehensive Solution for ICS Cybersecurity & Visibility
Nozomi Networks’ Solution Architecture
Multitenant OT Cybersecurity Protection
SCADAguardian and Central Management Console (CMC)
• Multitenant CMC for large distributed / hierarchical enterprise deployments
• Supports MSSPs for the scalable management of many customers/sites
• A single instance of the CMC can monitor, manage & remediate threats for numerous industrial installations or customers
New Hybrid ICS Threat Detection
SCADAguardian and Central Management Console (CMC)
Attack Phases: Phase 1 - INFECTION, Phase 2 - DISCOVERY, Phase 3 - ATTACK
• Behavior-based anomaly detection enriched with A.I. and analytics engine
• Rule-based analysis (Yara, Packet, etc.) for threat hunting
• Signature assertions & queries with out-of-box and custom functions
[Diagram: Behavior Anomaly Detection, Yara/Packet Rules and Assertions shown across the attack phases]
Extended IT/OT Integration
SCADAguardian and Central Management Console (CMC)
• Extended open API for improved integration with IT/OT applications
• Protocol SDK for extended integration capabilities
• New protocol support for diverse enterprise and industrial environments
[Diagram labels: Corporate Network, Industrial Network, Internet, Remote Access, Business, SIEM, Firewall, Switch, Historian, SCADA Master, HMI Operator, PLCs/RTU, Nozomi Networks]
Nozomi Networks Solution: Key Benefits
• Rapidly Detect Cybersecurity Vulnerabilities, Threats and Incidents
• Reduce Troubleshooting and Remediation Efforts
• Quickly Recognize and Remediate Operational Anomalies
• Track Industrial Assets and Corresponding Cybersecurity Risks
• Deploy at Enterprise Scale with Proven Performance
• Centrally Supervise and Monitor Distributed Networks
Momentum & Credibility with the Experts

“Anomaly detection suppliers must offer both operational and cybersecurity benefits with solutions that passively monitor and detect anomalies on the network and industrial endpoints. Suppliers need to offer integration into cybersecurity management solutions and facilitate incident management.”

“I’ll be interviewing a panel of technical vendors on stage including Andrea Carcano from Nozomi Networks, and others with pointed questions and follow ups in an attempt to get past the generalities.”

“Nozomi's release of asset management and vulnerability assessment modules is a move in the right direction – it allows the company to more easily identify known threats…these product releases are a sign that the company is listening to the needs of its customers and following through with efforts to reduce the burden of ICS security on the business.”

451 Impact Report, April 2017
Sid Snitkin, ARC Forum, February 2017
Dale Peterson, Digital Bond, May 2017
Gartner Cool Vendor
Nozomi Networks | San Francisco, California | nozominetworks.com
Analysis by Ruggero Contu
“Focus on the security of their OT environments and evaluate solutions that mitigate risk and enhance overall security.”
RUGGERO CONTU, Gartner Research Director
Why Cool: Calling itself a pioneer in the area of real-time cybersecurity for industrial control
systems, this provider has developed technology that addresses the highly specialized
requirements of industrial OT environments. The approach is notable for its intention to
enhance security for utilities and energy providers, which stand as tempting targets for
cyber-intrusion. Nozomi technology will passively monitor the network traffic, creating an
internal representation of the entire network, its nodes, and the state and behavior of each
device in the network. The deployment of its technology with well-established global utility
and energy companies is a confirmation of the viability of this provider's offering in an
emerging market. Nozomi Networks is one of the first vendors in the OT security space to
introduce artificial intelligence and machine learning to create detailed behavior profiles for
every device tracked. https://www.gartner.com/document/3738032
Nozomi selected for ICS expertise and technology
“After extensive review, we chose Nozomi Networks because their platform provides industry-leading capabilities which allow us to detect anomalies and proactively hunt for threats within industrial environments.”
- Grady Summers, CTO, FireEye
Customers and Use Cases
Multi National Power Company (Fortune 500)
Security monitoring of operational network plus distributed deployment in
all Regional Control Centers and TSO Interconnection Centers.
Super Major Oil & Gas Company (Fortune 500)
ICS security assessment to analyze the security levels of process
networks at onshore and offshore sites in several countries.
Large Refinery Company
ICS security assessment and real-time monitoring of the main company
plant in a distributed multi-vendor environment.
Multi-Utility Gas & Water Distribution
ICS and IT monitoring of a hydro plant production environment.
Metropolitan City Water Treatment Company
Security monitoring of the network communications and process variables
of the water distribution system.
Pharmaceutical Company
ICS monitoring of the pharma production network communications and
process variables.
What Customers are Saying

“When it came to cybersecurity protection for critical systems, we wanted the most advanced technology available. After extensive review, we chose Nozomi Networks. They brought superior know-how in ICS cybersecurity, and a proven track record with other industry leaders. We're using SCADAguardian as the basis of our ICS Cyber program, from operational monitoring to ICS threat detection.”

“At Vermont Electric our mission is to provide safe, affordable, and reliable energy services to our members. In order to do that, we need both operational visibility and cybersecurity protection for our critical operations systems. We’re working with Nozomi Networks because their deep industrial cybersecurity expertise is embedded in one clean, comprehensive solution, from network modeling to process anomaly and intrusion detection.”

Gian Luigi Pugni, Global ICT Cybersecurity
Andrew Dutton, Group Lead
Kris Smith, SCADA & Operations Engineering Manager

“Enel Power Plants are a strategic asset we are committed to protect. Malfunctions or damage to this infrastructure would be a threat to our national security. With Nozomi Networks’ SCADAguardian we can now detect and collect operational and cybersecurity issues in real time, and take corrective actions before the threat can strike.”
Federico Bellio, Head of Controls

“Through this partnership, we have made a substantial improvement in our Remote Control System. Nozomi Networks’ SCADAguardian is now a fundamental element of our network infrastructure and an essential tool for our daily activities … to substantially improve the reliability, efficiency, and cybersecurity.”
Product Offerings
Sample Deployment Architecture
Level 4: Production Scheduling
Level 3: Production Control
Level 2: Plant Supervisory
Level 1: Direct Control
Level 0: Field Level
Selected detected threats
• Monitoring of remote access connection to networks
• Connection to Internet/corporate network DMZ
• MITM & Scanning Attacks (Port, Network)
• Unauthorized cross level communication
• IP conflicts
• ICS DDoS Attacks
• Weak passwords (FTP / TFTP / RDP / DCERPC)
• Traffic activity summaries
• Bad configurations (NTP / DNS / DHCP / etc.)
• Vulnerability False Positives
• Network topologies
• Used ports of assets
• Unencrypted communications (Telnet)
• Insecure Internet connections
• Subnet collisions
• Anomalous protocol behavior
• Online edits to PLC projects
• Communication changes
• Configuration downloads
• New assets in the network
• Non-responsive assets
• Corrupted OT packets
• Firmware downloads
• Logic changes
• Authentication to PLCs
• PLC actions (Start, Stop, Monitor, Run, Reboot, Program, Test)
• Fieldbus I/O monitoring
SCADAguardian - Standard Deployment Scenario
• The SCADAguardian appliance must be connected to the SPAN/Mirror port of network devices.
• This guarantees a complete isolation of the appliance from the working network, thus enabling a hot deploy with no interference on active communications.
[Diagram labels: Field Network (Pump, Valve, Fan), Control Network, Process Network, HMI, SCADA Servers, Mirrored Traffic, Management port]
SCADAguardian - Physical Appliances
| | N Series 1000 | N Series 750 | NSG-L Series 250 | NSG-L Series 100 | NSG-R Series 150 | R Series 50 |
|---|---|---|---|---|---|---|
| Description | A powerful appliance for very large, demanding scenarios | A rack-mounted appliance for large scenarios | A rack-mounted appliance for medium scenarios | A rack-mounted appliance for small scenarios | A rugged rack mounted appliance for medium scenarios | A rugged DIN-rail mounted appliance for small scenarios |
| Form Factor | 1 rack Unit | 1 rack Unit | 1 rack Unit | 1 rack Unit | 2 rack Unit | Din mountable |
| Monitoring Ports | 8 | 4 | 5 | 5 | 7 | 4 |
| Expansion slot | n.a. | n.a. | 1 | 1 | 2 | n.a. |
| Max Protected Node | 5,000 | 1,000 | 500 | 200 | 450 | 200 |
| Max Throughput | 1 Gbps | 500 Mbps | 200 Mbps | 100 Mbps | 200 Mbps | 50 Mbps |
| Storage | 240 Gb | 180 Gb | 64 Gb | 64 Gb | 64 Gb | 64 Gb |
| H x W x L (mm / in) | 43 x 426 x 356 / 1.7 x 16.8 x 14 | 43 x 426 x 356 / 1.7 x 16.8 x 14 | 44 x 438 x 300 / 1.7 x 17.2 x 11.8 | 44 x 438 x 300 / 1.7 x 17.2 x 11.8 | 88 x 440 x 301.2 / 3.46 x 17.3 x 118.58 | 80 x 130 x 146 / 3.15 x 5.11 x 5.74 |
| Weight | 10 Kg | 10 Kg | 8 Kg | 8 Kg | 6 Kg (13,2 lbs) | 3 Kg |
| Max Power Consumption | 260W | 260W | 250W | 250W | 250W | 60W |
| Power supply type | 110-240V AC | 110-240V AC | 110-240V AC | 110-240V AC | Dual Power Mode: 1) 36-48V DC 2) 90-264V AC / 100-300V DC | 12-36V DC |
| Temperature ranges | 0 / +45º C | 0 / +45º C | 0 / +40º C | 0 / +40º C | -40 / +70º C | -40 / +70º C |
| Compliance | RoHS | RoHS | RoHS | RoHS | RoHS, IEC 61850-3, IEEE 1613 | RoHS |
SCADAguardian - Virtual Appliances
| | V1000 | V750 | V250 | V100 | V50 |
|---|---|---|---|---|---|
| Description | A powerful appliance for very large, demanding scenarios | A virtual appliance for large scenarios | A virtual appliance for medium scenarios | A virtual appliance for small scenarios | A virtual appliance for very small scenarios |
| Installation Specs | VMware ESX 5.x+, Hyper-V 2012+, KVM, XEN (all models) | | | | |
| Monitoring Ports | Unlimited (**) | 4 | 4 | 4 | 4 |
| Max Throughput | 300 Mbps | 300 Mbps | 300 Mbps | 300 Mbps | 300 Mbps |
| Max Protected Node | 5,000 | 1,000 | 400 | 150 | 50 |
| Storage | 100+ Gb | 100+ Gb | 100+ Gb | 100+ Gb | 100+ Gb |
The Central Management Console (CMC)
Summary: Consolidated cybersecurity management and remote access to distributed appliances
Installation Specs: VMware ESX 5.x+, Hyper-V 2012+, KVM 1.2+, XEN 4.4+
Max Managed Appliances: Unlimited (***)
Storage: 100+ Gb
Updates: Optionally connect to the Nozomi Networks customer portal for vulnerability, rules and SCADAguardian updates. Easily propagate changes to all appliances in the field.
(***) Based on the infrastructure
Supported Integrations
User Authentication & Authorization
• Active Directory
• LDAP (Lightweight Directory Access Protocol)
MSSP and SIEM Integration
• Managed Security Services & SIEM Logging Partners
Proactive Firewall Integration
• Enterprise Firewall & Security Partners
Import of SCADA/DCS configurations
• All contextual information not present in network communications can be added to the system (i.e. node names, variable names, etc.)
Broad Support for Industrial Control Systems and ICS / IT Protocols
Industrial Protocols
Aspentech Cim/IO, BACNet, Beckhoff ADS, BSAP IP, CEI 79-5/2-3, COTP, DNP3, Enron Modbus, EtherCAT, EtherNet/IP - CIP, Foundation Fieldbus, Generic MMS, GOOSE, Honeywell, IEC 60870-5-7 (IEC 62351-3 + IEC 62351-5), IEC 60870-5-104, IEC-61850 (MMS, GOOSE, SV), IEC DLMS/COSEM, ICCP, Modbus/TCP, MQTT, OPC, PI-Connect, Profinet/DCP, Profinet/I-O CM, Profinet/RT, Sercos III, Siemens S7, Vnet/IP
IT Protocols
ARP, BROWSER, BitTorrent, CDP, DCE-RPC, DHCP, DNS, DRDA (IBM DB2), Dropbox, eDonkey (eMule), FTP, FTPS, HTTP, HTTPS, ICMP/PING, IGMP, IKE, IMAP, IMAPS, ISO-TSAP/COTP, Kerberos, KMS, LDAP, LDAPS, LLDP, LLMNR, MDNS, MS SQL Server, MySQL, NetBIOS, NTP, OSPF, POP3, PTPv2, RDP, STP, SSDP, RTCP, RTP, SSH, SNMP, SMB, SMTP, STP, Syslog, Telnet, VNC
ICS Vendors
New protocols and vendors are being added to the support matrix on a continuous basis.
Industrial Cybersecurity
Anomaly, Intrusion and Risk Detection
Incident Correlation
Vulnerability Assessment
Operational ICS Visibility
Asset Inventory
Network Visualization & Modeling
Real-time Network Monitoring
Dynamic ICS Behavioral Learning
Proven Large-Scale Deployments
Utilities
Oil and Gas
Manufacturing
Meets Enterprise Requirements
Integrates with Security Infrastructure
Delivers Fast ROI
One Solution Delivers
The Executive Team
MORENO CARULLO
CTO and Co-Founder
PhD in Artificial intelligence
eXtreme Programming Expert
ANDREA CARCANO
CPO and Co-Founder
PhD in Cybersecurity
SCADA Security Researcher & Expert
EDGARD CAPDEVIELLE
Chief Executive Officer
VP Products, Imperva
GM Archiving SW, EMC
CHET NAMBOODRI
VP Business Development
Cisco Industrial Markets,
GE Automation and Controls
KIM LEGELIS
Chief Marketing Officer
Industrial Defender, Cybereason,
Symantec
Initial Funding
Glenn Solomon
• Managing Partner
• 10 years at GGV Capital
• Enterprise, Cloud, Security
• @glennsolomon
• Team in the US and China
• $2.6 billion under management
• 6 funds, 150+ investments
• 15 years, 27 IPOs
October 2016: GGV Capital & Lux Capital co-led a $7.5M Series A round in Nozomi Networks, Inc.
June 2015: Planven Investments led the Seed round equivalent to $1.1M as first institutional investor
Bilal Zuberi
• Partner in Silicon Valley
• 8 years in Venture Capital
• NextGen Industrial Tech
• @bznotes
• Lux Ventures IV, A $350 million fund
• $700M under management
• Team in New York & Silicon Valley
• Chief Executive Officer
• VC & Operator for a Decade
• Global High-Growth Innovation
• www.planven.com
Giovanni Canetta Roeder
• Family Office of Carlo De Benedetti
• Pioneer in European VC investing
• Team in Lugano, Switzerland
Series B Round $15m: January 2018
Partners & Investments
PROFILE
Invenergy FutureFund
invests in companies that are
defining the future of energy.
LEADERSHIP
John Tough
Partner at Invenergy
“Nozomi Networks’ superior technology and
team have made them the market leader in
securing energy and other critical
infrastructure industries from escalating cyber
threats”
Michael Polsky
CEO of Invenergy & Chairman
of the Invenergy Future Fund
Thank You!
www.nozominetworks.com
PPT-CO-OVER-006

Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
 
Dr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational Awareness
 
NIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesNIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric Utilities
 
How stuxnet spreads – a study of infection paths in best practice systems
How stuxnet spreads – a study of infection paths in best practice systemsHow stuxnet spreads – a study of infection paths in best practice systems
How stuxnet spreads – a study of infection paths in best practice systems
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 

Último

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

Último (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

Nozomi Networks Q1_2018 Company Introduction

  • 1. The Leading Solution for Real-time Cybersecurity and Visibility for Industrial Control Networks
  • 2. Nozomi Networks; Leading ICS Cybersecurity. FOUNDED: Since Oct 2013, ~$24m invested. DEVICES: +200,000 Monitored. CUSTOMERS: +200 Global Installations. SERVING VERTICALS
  • 3. Convergence of Industrial Control Networks and Traditional IT. In the past, they were … • Isolated from IT • Run on proprietary control protocols • Run on specialized hardware • Run on proprietary embedded operating systems • Connected by copper and twisted pair. Now they are … • Bridged into corporate networks • Riding on common internet protocols • Running on general purpose hardware with IT origins • Running mainstream IT operating systems • Increasingly connected to wireless technologies. What was air gapped and proprietary is now connected and general purpose
  • 4. Typical SCADA Components are Vulnerable. • Connectivity: ICSs are growing more automated, efficient and intelligent. This has also exposed the typical ICS (MES, DCS, etc.) to new vulnerabilities and cyber threats that must be managed with new technologies. • Domain-specific technologies: Many technologies require specialized knowledge of industrial control systems technology & communications. Enterprise IT security technologies are not ICS-aware. • Operational Technology deficiencies: PLCs and RTUs are low computational computers built for controlling physical components such as valves, pumps, motors, etc. PLCs, Controllers, RTUs, PACs: • Lack of authentication • Lack of encryption • Backdoors • Buffer overflow • Tailored attacks on physical control components
  • 5. ICS Cybersecurity: Making the Headlines. A Worm in the Centrifuge- Stuxnet (30 Sept. 2010): An unusually sophisticated cyber-weapon is mysterious but important. A new software “worm” called Stuxnet … A Cyberattack Has Caused Confirmed Physical Damage (30 Sept. 2015): Massive damage by manipulating and disrupting control systems at German steel mill. U.S. Finds Proof: Cyberattack on Ukraine Power Grid (3 Feb. 2016): Almost immediately, investigators found indications of a malware called BlackEnergy. The Ukraine’s Power Outage Was a Cyber Attack (18 Jan. 2017): A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack and investigators are trying to trace other potentially infected computers. Industroyer; A Cyberweapon can disrupt Power Grids (12 June 2017): Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to U.S. researchers. Hackers halt plant operations in watershed cyberattack (15 Dec. 2017): Schneider confirmed that the incident had occurred and that it had issued a security alert to users of Triconex, which cyber experts said is widely used in the energy industry, including at nuclear facilities, and oil and gas plants. Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors: This joint Technical Alert (TA) from the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) and covers Russian cyber actions targeting U.S. Government entities, and critical manufacturing sectors.
  • 6. What is SCADAguardian? [Diagram labels: Process Networks, Control Network, SCADAguardian] SCADAguardian implements an innovative technology for monitoring and assessing Industrial Control Systems. • Is an appliance (physical or virtual) that passively connects to the industrial network non-intrusively • Listens to all traffic within the control and process networks, analyzing it at all levels of the OSI stack, passively (L1 to L7) • Uses Artificial Intelligence and Machine Learning techniques to create detailed behavior profiles for every device according to the process state to quickly detect critical state conditions • Provides best-in-class network visualization, asset management, ICS anomaly intrusion, vulnerability assessment, as well as dashboards and reporting
  • 7. One Comprehensive Solution for ICS Cybersecurity & Visibility. Nozomi Networks’ Solution Architecture
  • 8. Multitenant OT Cybersecurity Protection: SCADAguardian and Central Management Console (CMC). • Multitenant CMC for large distributed / hierarchical enterprise deployments • Supports MSSPs for the scalable management of many customers/sites • A single instance of the CMC can monitor, manage & remediate threats for numerous industrial installations or customers
  • 9. New Hybrid ICS Threat Detection: SCADAguardian and Central Management Console (CMC). Attack Phases: Phase 1 – INFECTION, Phase 2 - DISCOVERY, Phase 3 - ATTACK. • Behavior-based anomaly detection enriched with A.I and analytics engine • Rule-based analysis, using (Yara, Packet, etc.) for threat hunting • Signature assertions & queries with out-of-box and custom functions. [Diagram labels: Behavior Anomaly Detection Rules Yara/Packet Rules Yara/Packet Rules Assertions Assertions]
  • 10. Extended IT/OT Integration: SCADAguardian and Central Management Console (CMC). • Extended open API for improved integration with IT/OT applications • Protocol SDK for extended integration capabilities • New protocols support for diverse enterprise and industrial environments. [Diagram labels: Firewall Historian PLCS/RTU Switch Nozomi Networks SCADA Master HMI Operator SIEM Internet Remote Access Business CORPORATE NETWORK INDUSTRIAL NETWORK]
  • 11. Nozomi Networks Solution: Key Benefits. • Rapidly Detect Cybersecurity Vulnerabilities, Threats and Incidents • Reduce Troubleshooting and Remediation Efforts • Quickly Recognize and Remediate Operational Anomalies • Track Industrial Assets and Corresponding Cybersecurity Risks • Deploy at Enterprise Scale with Proven Performance • Centrally Supervise and Monitor Distributed Networks
  • 12. Momentum & Credibility with the Experts. “Anomaly detection suppliers must offer both operational and cybersecurity benefits with solution that passively monitor and detect anomalies on the network and industrial endpoints. Suppliers need to offer integration into cybersecurity management solutions and facilitate incident management.” “I’ll be interviewing a panel of technical vendors on stage including Andrea Carcano from Nozomi Networks, and others with pointed questions and follow ups in an attempt to get past the generalities.” “Nozomi's release of asset management and vulnerability assessment modules is a move in the right direction – it allows the company to more easily identify known threats…these product releases is a sign that the company is listening to the needs of its customers and following through with efforts to reduce the burden of ICS security on the business.” 451 Impact Report April 2017; Sid Snitkin, ARC Forum February 2017; Dale Peterson, Digital Bond May 2017
  • 13. Gartner Cool Vendor. Nozomi Networks | San Francisco, California | nozominetworks.com. Analysis by Ruggero Contu. “Focus on the security of their OT environments and evaluate solutions that mitigate risk and enhance overall security.” RUGGERO CONTU, Gartner Research Director. Why Cool: Calling itself a pioneer in the area of real-time cybersecurity for industrial control systems, this provider has developed technology that addresses the highly specialized requirements of industrial OT environments. The approach is notable for its intention to enhance security for utilities and energy providers, which stand as tempting targets for cyber-intrusion. Nozomi technology will passively monitor the network traffic, creating an internal representation of the entire network, its nodes, and the state and behavior of each device in the network. The deployment of its technology with well-established global utility and energy companies is a confirmation of the viability of this provider's offering in an emerging market. Nozomi Networks is one of the first vendors in the OT security space to introduce artificial intelligence and machine learning to create detailed behavior profiles for every device tracked. https://www.gartner.com/document/3738032
  • 14. Nozomi selected for ICS expertise and technology. “After extensive review, we chose Nozomi Networks because their platform provides industry-leading capabilities which allow us to detect anomalies and proactively hunt for threats within industrial environments.” - Grady Summers, CTO FireEye
  • 15. Customers and Use Cases. • Multi National Power Company (Fortune 500): Security monitoring of operational network plus distributed deployment in all Regional Control Centers and TSO Interconnection Centers. • Super Major Oil & Gas Company (Fortune 500): ICS security assessment to analyze the security levels of process networks at onshore and offshore sites in several countries. • Large Refinery Company: ICS security assessment and real-time monitoring of the main company plant in a distributed multi-vendor environment. • Multi-Utility Gas & Water Distribution: ICS and IT monitoring of a hydro plant production environment. • Metropolitan City Water Treatment Company: Security monitoring of the network communications and process variables of the water distribution system. • Pharmaceutical Company: ICS monitoring of the pharma production network communications and process variables.
  • 16. What Customers are Saying. “When it came to cybersecurity protection for critical systems, we wanted the most advanced technology available. After extensive review, we chose Nozomi Networks. They brought superior know-how in ICS cybersecurity, and a proven track record with other industry leaders. We're using SCADAguardian as the basis of our ICS Cyber program, from operational monitoring to ICS threat detection.” “At Vermont Electric our mission is to provide safe, affordable, and reliable energy services to our members. In order to do that, we need both operational visibility and cybersecurity protection for our critical operations systems. We’re working with Nozomi Networks because their deep industrial cybersecurity expertise is embedded in one clean, comprehensive solution, from network modeling to process anomaly and intrusion detection.” Gian Luigi Pugni, Global ICT Cybersecurity; Andrew Dutton, Group Lead; Kris Smith, SCADA & Operations Engineering Manager. “Enel Power Plants are a strategic asset we are committed to protect. Malfunctions or damage to this infrastructure would be a threat to our national security. With Nozomi Networks’ SCADAguardian we can now detect and collect operational and cybersecurity issues in real time, and take corrective actions before the threat can strike.” Federico Bellio, Head of Controls. “Through this partnership, we have made a substantial improvement in our Remote Control System. Nozomi Networks’ SCADAguardian is now a fundamental element of our network infrastructure and an essential tool for our daily activities … to substantially improve the reliability, efficiency, and cybersecurity.”
  • 18. Sample Deployment Architecture. Levels: Level 4 Production Scheduling; Level 3 Production Control; Level 2 Plant Supervisory; Level 1 Direct Control; Level 0 Field Level. Selected detected threats: • Monitoring of remote access connection to networks • Connection to Internetcorporate network DMZ • MITM & Scanning Attacks (Port, Network) • Unauthorized cross level communication • IP conflicts • ICS DDoS Attacks • Weak passwords (FTP / TFPTP / RDP / DCERPC) • Traffic activity summaries • Bad configurations (NTP / DNS / DHCP/ etc.) • Vulnerability False Positives • Network topologies • Used ports of assets • Unencrypted communications (Telnet) • Insecure Internet connections • Subnet collisions • Anomalous protocol behavior • Online edits to PLC projects • Communication changes • Configuration downloads • New assets in the network • Non-responsive assets • Corrupted OT packets • Firmware downloads • Logic changes • Authentication to PLCs • PLC actions (Start, Stop, Monitor, Run, Reboot, Program, Test) • Fieldbus I/O monitoring
  • 19. SCADAguardian - Standard Deployment Scenario. • The SCADAguardian appliance must be connected to the SPAN/Mirror port of network devices. • This guarantees a complete isolation of the appliance from the working network, thus enabling a hot deploy with no interference on active communications. [Diagram labels: FIELD NETWORK, CONTROL NETWORK, PROCESS NETWORK, Mirrored Traffic, Mirrored Traffic, Management port, Pump, Valve, Fan, HMI, SCADA Servers]
  • 20. SCADAguardian - Physical Appliances
    Series: N Series, NSG-L Series, NSG-R Series, R Series
    Model: 1000 | 750 | 250 | 100 | 150 | 50
    Description: A powerful appliance for very large, demanding scenarios | A rack-mounted appliance for large scenarios | A rack-mounted appliance for medium scenarios | A rack-mounted appliance for small scenarios | A rugged rack mounted appliance for medium scenarios | A rugged DIN-rail mounted appliance for small scenarios
    Form Factor: 1 rack Unit | 1 rack Unit | 1 rack Unit | 1 rack Unit | 2 rack Unit | Din mountable
    Monitoring Ports: 8 | 4 | 5 | 5 | 7 | 4
    Expansion slot: n.a. | n.a. | 1 | 1 | 2 | n.a.
    Max Protected Node: 5,000 | 1,000 | 500 | 200 | 450 | 200
    Max Throughput: 1 Gbps | 500 Mbps | 200 Mbps | 100 Mbps | 200 Mbps | 50 Mbps
    Storage: 240 Gb | 180 Gb | 64 Gb | 64 Gb | 64 Gb | 64 Gb
    H x W x L (mm / in): 43 x 426 x 356 / 1.7 x 16.8 x 14 | 43 x 426 x 356 / 1.7 x 16.8 x 14 | 44 x 438 x 300 / 1.7 x 17.2 x 11.8 | 44 x 438 x 300 / 1.7 x 17.2 x 11.8 | 88 x 440 x 301.2 / 3.46 x 17.3 x 118.58 | 80 x 130 x 146 / 3.15 x 5.11 x 5.74
    Weight: 10 Kg | 10 Kg | 8 Kg | 8 Kg | 6 Kg (13,2 lbs) | 3 Kg
    Max Power Consumption: 260W | 260W | 250W | 250W | 250W | 60W
    Power supply type: 110-240V AC | 110-240V AC | 110-240V AC | 110-240V AC | Dual Power Mode: 1) 36-48V DC 2) 90 264V AC / 100-300V DC | 12-36V DC
    Temperature ranges: 0 / +45º C | 0 / +45º C | 0 / +40º C | 0 / +40º C | -40 / +70º C | -40 / +70º C
    Compliance: RoHS | RoHS | RoHS | RoHS | RoHS, IEC 61850-3, IEEE 1613 | RoHS
  • 21. SCADAguardian - Virtual Appliances
    Model: V1000 | V750 | V250 | V100 | V50
    Description: A powerful appliance for very large, demanding scenarios | A virtual appliance for large scenarios | A virtual appliance for medium scenarios | A virtual appliance for small scenarios | A virtual appliance for very small scenarios
    Installation Specs: VMware ESX 5.x+, Hyper-V 2012+, KVM, XEN
    Monitoring Ports: Unlimited (**) | 4 | 4 | 4 | 4
    Max Throughput: 300 Mbps | 300 Mbps | 300 Mbps | 300 Mbps | 300 Mbps
    Max Protected Node: 5,000 | 1,000 | 400 | 150 | 50
    Storage: 100+ Gb | 100+ Gb | 100+ Gb | 100+ Gb | 100+ Gb
  • 22. The Central Management Console (CMC). Summary: Consolidated cybersecurity management and remote access to distributed appliances. Installation Specs: VMware ESX 5.x+, Hyper-V 2012+, KVM 1.2+, XEN 4.4+XEN. Max Managed Appliances: Unlimited (***). Storage: 100+ Gb. Updates: Optionally connect to the Nozomi Networks customer portal for vulnerability, rules and SCADAguardian updates. Easily propagate changes to all appliances in the field. (***) Based on the infrastructure
  • 23. The Central Management Console (CMC). Summary: Consolidated cybersecurity management and remote access to distributed appliances. Installation Specs: VMware ESX 5.x+, Hyper-V 2012+, KVM 1.2+, XEN 4.4+XEN. Max Managed Appliances: Unlimited (***). Storage: 100+ Gb. Updates: Optionally connect to the Nozomi Networks customer portal for vulnerability, rules and SCADAguardian updates. Easily propagate changes to all appliances in the field. [Diagram labels: CMC, CMC, CMC, CMC]
  • 24. Supported Integrations. User Authentication & Authorization; MSSP and SIEM Integration; Proactive Firewall Integration. All contextual information not present in network communications can be added to the system (i.e. node names, variable names, etc.) • ActiveDirectory • LDAP (Lightweight Directory Access Protocol) • Import of SCADA/DCS configurations • Managed Security Services & SIEM Logging Partners • Enterprise Firewall & Security Partners
  • 25. Broad Support for Industrial Control Systems and ICS / IT Protocols. Industrial Protocols: Aspentech Cim/IO, BACNet, Beckhoff ADS, BSAP IP, CEI 79-5/2-3, COTP, DNP3, Enron Modbus, EtherCAT, EtherNet/IP - CIP, Foundation Fieldbus, Generic MMS, GOOSE, Honeywell, IEC 60870-5-7 (IEC 62351-3 + IEC 62351-5), IEC 60870-5-104, IEC-61850 (MMS, GOOSE, SV), IEC DLMS/COSEM, ICCP, Modbus/TCP, MQTT, OPC, PI-Connect, Profinet/DCP, Profinet/I-O CM, Profinet/RT, Sercos III, Siemens S7, Vnet/IP. IT Protocols: ARP, BROWSER, BitTorrent, CDP, DCE-RPC, DHCP, DNS, DRDA (IBM DB2), Dropbox, eDonkey (eMule), FTP, FTPS, HTTP, HTTPS, ICMP/PING, IGMP, IKE, IMAP, IMAPS, ISO-TSAP/COTP, Kerberos, KMS, LDAP, LDAPS, LLDP, LLMNR, MDNS, MS SQL Server, MySQL, NetBIOS, NTP, OSPF, POP3, PTPv2, RDP, STP, SSDP, RTCP, RTP, SSH, SNMP, SMB, SMTP, STP, Syslog, Telnet, VNC. ICS Vendors. New protocols and vendors are being added to the support matrix on a continuous basis.
  • 26. One Solution Delivers. Industrial Cybersecurity Anomaly, Intrusion and Risk Detection Incident Correlation Vulnerability Assessment Operational ICS Visibility Asset Inventory Network Visualization & Modeling Real-time Network Monitoring Dynamic ICS Behavioral Learning Proven Large-Scale Deployments Utilities Oil and Gas Manufacturing Meets Enterprise Requirements Integrates with Security Infrastructure Delivers Fast ROI
  • 27. The Executive Team. MORENO CARULLO, CTO and Co-Founder: PhD in Artificial intelligence, eXtreme Programming Expert. ANDREA CARCANO, CPO and Co-Founder: PhD in Cybersecurity, SCADA Security Researcher & Expert. EDGARD CAPDEVIELLE, Chief Executive Officer: VP Products, Imperva; GM Archiving SW, EMC. CHET NAMBOODRI, VP Business Development: Cisco Industrial Markets, GE Automation and Controls. KIM LEGELIS, Chief Marketing Officer: Industrial Defender, Cybereason, Symantec
  • 28. Initial Funding. Glenn Solomon • Managing Partner • 10 years at GGV Capital • Enterprise, Cloud, Security • @glennsolomon • Team in the US and China • $2.6 billion under management • 6 funds, 150+ investments • 15 years, 27 IPOs. October 2016: GGV Capital & Lux Capital co-led a $7.5M Series A round in Nozomi Networks, Inc. June 2015: Planven Investments led the Seed round equivalent to $1.1M as first institutional investor. Bilal Zuberi • Partner in Silicon Valley • 8 years in Venture Capital • NextGen Industrial Tech • @bznotes • Lux Ventures IV, A $350 million fund • $700M under management • Team in New York & Silicon Valley • Chief Executive Officer • VC & Operator for a Decade • Global High-Growth Innovation • www.planven.com Giovanni Canetta Roeder • Family Office of Carlo De Benedetti • Pioneer in European VC investing • Team in Lugano, Switzerland
  • 29. Series B Round $15m: January 2018. Partners & Investments. PROFILE: Invenergy FutureFund invests in companies that are defining the future of energy. LEADERSHIP: John Tough, Partner at Invenergy. “Nozomi Networks’ superior technology and team have made them the market leader in securing energy and other critical infrastructure industries from escalating cyber threats” Michael Polsky, CEO of Invenergy & Chairman of the Invenergy Future Fund