Home  >  ICS  >  Participants  >  Armis  >  TRITON Configuration

Armis Configuration


Product Versions

  • Armis Enterprise Suite R3.3

Description

Armis® is the leading unified asset visibility & security platform designed to address the new threat landscape created by connected devices. Fortune 1000 companies trust our real-time and continuous protection to see all managed, unmanaged, and IoT devices with full context, including medical devices (IoMT), operational technology (OT) and industrial control systems (ICS).

Armis has three distinct advantages to identify and secure both IT and OT/ICS devices.

  • Agentless - Armis is agentless and does not require software to be installed on devices.
  • Passive - Armis is 100% passive, so there is no risk of disrupting or crashing sensitive
  • Real-time & Continuous - Unlike solutions that work or are applied periodically, Armis is always on, always protecting.

Armis lets you:

  • Discover all devices – The most comprehensive cybersecurity asset management providing discovery and asset inventory of all devices, managed, unmanaged, physical or virtual, on or off the network
  • Identify risks and gaps – Passive, real-time continuous risk and vulnerability assessment of devices, including the deepest device behavior and threat intelligence.
  • Automate Enforcement – Active threat alerting & remediation of threats to compromised devices.
  • The Armis Differentiator

    Core to the Armis platform is our Device Knowledgebase. It is the world’s largest, crowd-sourced, cloud-based device behavior knowledgebase. It tracks over 1+ billion devices. We track all behavior, connections, and activity of a device - what it is, how often it communicates with other devices, over what protocols, how much data is typically transmitted, whether the device is usually stationary, what software runs on each device, etc. - recording a history of all activity.

    This provides a critical and unparalleled context of a device. Armis understands not only what the device is and what it is doing, but what it should be doing for its use in each environment. These device insights enable Armis to classify devices and detect threats with a high degree of accuracy. Armis compares real-time device state and behavior to “known-good” baselines for similar devices we have seen in other environments. Because of the sheer magnitude and depth of the Armis Device Knowledgebase, we have a distinct advantage to identify when a device operates outside of its baseline, Armis issues an alert or can automatically disconnect or quarantine a device.

    Simple to Deploy and Integrate

    Because Armis is agentless, it is fast and easy to integrate with your existing IT and security management solutions, and deploy across any network, environment, or locations around the world. The agentless security platform integrates with your existing network infrastructure, wired and wireless, to discover & track devices, and protect your organization. We also integrate with your IT security and management systems (SOC) and network security, from your firewall to your NAC to your SIEM, letting you achieve greater value and more automated response.