Common OT Questions

What does PacketViper's SCADA integration mean?

PacketViper offers a Modbus module that allows Operational Technology (OT) customers to poll the Remote Security Unit (RSU) for alerts. These alerts can then be displayed within existing SCADA / DCS systems in OT environments.


Where are RSUs placed?

RSUs are placed at critical points within OT and Industrial Control Systems (ICS) networks. 


They are strategically located at sites such as:

  • Pump Stations

  • Lift Stations

  • Distribution Hubs

  • Traffic Control Panels

  • Business Automation Closets

  • Well Pads

  • Transformer Vaults

  • Substations

These units are designed for use in remote, unmanned locations.

Can RSUs handle extreme weather conditions?

Yes, RSUs are industrial-grade and built to withstand harsh environmental conditions. They are equipped with advanced technology to monitor, detect, and respond to cybersecurity threats.


What is Dynamic Containment or Hive-Minded?

Dynamic containment, often referred to as the "Hive," is a feature that isolates and contains threats within the network segment where an anomaly is first detected.

When an anomaly is identified:

  1. The detecting device immediately contains the threat within its network segment.

  2. The detecting device notifies the Command Management Unit (CMU).

  3. The CMU alerts all remaining PacketViper devices in the environment and applies the rule to those enterprise locations.

This coordinated response prevents the threat from spreading while still allowing for monitoring and response actions.

Does the Rate Limiting feature in a sensor act as a DDoS mitigator?

Rate limiting serves as a first line of defense against flooding attacks, including Distributed Denial of Service (DDoS) and Denial of Service (DoS).


PacketViper's rate limit function evaluates traffic from each individual source. When a source exceeds the allowed request rate, it is placed on hold. While it is not intended to replace dedicated, large-scale DDoS mitigation tools, it provides an effective inline safeguard against smaller or targeted flooding attempts.

Can PacketViper's Rate Limiting feature be configured for specific sources?

Yes. PacketViper can rate limit based on country, business (GNL), network, IP, or port.
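The per-source evaluation and hold behaviour described in the two answers above can be sketched as follows. This is an added example, not PacketViper code: the class name, the sliding-window algorithm, the thresholds, the hold duration and the `group_prefix` option (grouping sources by network instead of by single IP) are all assumptions, and the traffic is constructed.

```python
import ipaddress
from collections import defaultdict, deque

class SourceRateLimiter:
    """Per-source sliding-window limiter with a hold period (illustrative)."""

    def __init__(self, max_requests, window_s, hold_s, group_prefix=None):
        self.max_requests = max_requests  # allowed requests per window (assumed value)
        self.window_s = window_s          # window length in seconds (assumed)
        self.hold_s = hold_s              # how long an offender stays on hold (assumed)
        self.group_prefix = group_prefix  # None = per IP; 24 = per IPv4 /24 network
        self._seen = defaultdict(deque)   # key -> timestamps of recent requests
        self._held_until = {}             # key -> time the hold expires

    def _key(self, src_ip):
        addr = ipaddress.ip_address(src_ip)  # raises ValueError on malformed input
        if self.group_prefix is None:
            return str(addr)
        return str(ipaddress.ip_network(f"{addr}/{self.group_prefix}", strict=False))

    def allow(self, src_ip, now):
        """Return True to pass the request, False to drop it."""
        key = self._key(src_ip)
        if self._held_until.get(key, 0.0) > now:
            return False                     # source is still on hold
        self._held_until.pop(key, None)      # hold (if any) has expired
        recent = self._seen[key]
        while recent and recent[0] <= now - self.window_s:
            recent.popleft()                 # forget requests outside the window
        recent.append(now)
        if len(recent) > self.max_requests:
            self._held_until[key] = now + self.hold_s
            recent.clear()                   # start fresh once the hold ends
            return False
        return True

def demo():
    """Replay constructed traffic and return dropped-request counts per source."""
    limiter = SourceRateLimiter(max_requests=5, window_s=1.0, hold_s=10.0)
    events = [(i * 0.05, "192.0.2.10") for i in range(20)]    # flood: 20 requests in 1 s
    events += [(float(i), "198.51.100.7") for i in range(5)]  # steady: 1 request per second
    dropped = defaultdict(int)
    for ts, src in sorted(events):
        if not limiter.allow(src, ts):
            dropped[src] += 1
    return dict(dropped)

if __name__ == "__main__":
    print(demo())
```

Because state is kept per key, the flooding source is held while the steady source on the same limiter is never dropped; with `group_prefix=24` one noisy host puts its whole /24 on hold, which is the trade-off of limiting by network rather than by IP.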


What is Dynamic Asset Obfuscation?

Dynamic Asset Obfuscation is PacketViper's proactive technique for concealing and altering the visibility of critical network assets in real time. This function:


  • Actively disguises the true nature and location of network resources by confusing attackers.

  • Continuously changes the attack surface to appear differently to potential attackers.

  • Confuses adversaries during reconnaissance by denying them consistent intelligence about critical systems.

The result is a significantly harder environment for attackers to map, identify, and target.

How does PacketViper's Dynamic Asset Obfuscation confuse attackers?

PacketViper uses Deceptive Responders and Sirens to inject false targets and noise into the traffic stream. An attacker who scans or monitors the network sees a confusing, unmappable environment.


How can PacketViper operate as a compensating control?

PacketViper serves as a dynamic compensating control that boosts cybersecurity resilience in both IT and OT ecosystems without disrupting legacy control systems. This is particularly important because older OT devices often:


  • Run outdated firmware.

  • Lack compatibility with modern security controls.

  • Cannot be patched without risking operational downtime.

PacketViper shields these devices from direct threats, ensuring critical operations remain secure and uninterrupted while still meeting compliance or audit requirements for compensating controls.

What is a compensating control?

A compensating control is an alternative security measure put in place to satisfy a security or compliance requirement when it is not possible to meet that requirement with the specified control. PacketViper acts as a compensating control for organizations whose OT networks have lost their "air gap" and are now at increased risk from connected IT networks. By providing an automated, proactive defense without needing to replace or upgrade vulnerable legacy devices, it allows organizations to meet compliance requirements and reduce risk.