Intrusion detection system for KRITIS companies
Compliant with regulatory requirements
secunet monitor KRITIS is aimed at KRITIS companies and implements all the technical MANDATORY requirements of the BSI guidance on the use of attack detection systems - both at network level for monitoring the data transmitted in IT/OT networks and at system level for monitoring the logging data of individual application systems. In practice, in addition to pure attack detection, secunet monitor KRITIS compiles the data required for the transmission of reportable events to the BSI.
secunet monitor KRITIS focuses on legislation, can be used passively and without repercussions, is easy to integrate and operate - and is therefore probably the most comprehensive solution on the market for IT and OT infrastructures.
Two layers of attack detection
secunet monitor KRITIS combines the detection mechanisms of both the network and the system layer. Data is compared against existing patterns and processed for alerting and further analysis.
The system level uses log data from various IT and OT systems. This log data is continuously aggregated, monitored and evaluated in a central system (SIEM). In this way, potential security risks can be identified cost-effectively in the log data (e.g. also through behavior-based detection) and a responsible person can be alerted.
At the network layer, a network-based IDS (NIDS) is used for analysis. The flow data is then evaluated in near real time and the security-relevant event data is sent to a central repository.
Modular, easy to use and cost-efficient
The system offers passive and non-reactive functionality in IT & OT, global whitelisting, real-time monitoring, installation and operational capability in air-gapped environments and a log data sink with evaluation options.
The system provides a management report for a transparent overview of important KPIs. The clear change log ensures secure documentation. secunet monitor KRITIS is optimized for MSS/SOCs and for self-administration.
The system supports the reporting of security incidents to the BSI as well as audits and also integrates external signatures such as the BSI MISP feed. Current and future regulations are taken into account.
In addition to providing the intrusion detection system, secunet also offers comprehensive consulting services for technical integration into the organizational processes of an ISMS (e.g. ISO/IEC 27001).
Send us an inquiry via the contact form. We look forward to helping you.