We're excited to join with Nozomi Networks in announcing our integration partnership which was piloted in the ICS Village at the RSA Sandbox in San Francisco earlier this year. Attendees at RSA were also able to see the first glimpse of the newly unveiled ICS Village. For those unfamiliar with conference villages, the idea is to create a hands-on learning environment for security professionals to learn, hack, or break equipment and software that they may not experience on a day-to-day basis. The Gravwell founders have a long history in the ICS space and we believe in the village mission as we think that ICS/SCADA (more so than most industries) could benefit from some disruption and fresh ideas. The ICS Village can be found at many events this year including DEFCON and EnergySec (full event schedule can be found at https://www.icsvillage.com/events).
This week marks the release of a Gravwell version 2. It’s been a journey with plenty of long days and nights but we’re really excited about the new capabilities. We’ll be publishing a series of blog posts which go into details of the major points, but I’d like to discuss the highlights.
We’re extremely excited to announce a new major release of the Gravwell analytics platform to our testers. It’s been a long road full of interesting (and sometimes annoying) challenges.
It’s Thanksgiving Weekend in America and that means most people have acknowledged the blessings in their lives and are gearing up for something America does better than anyone: consumerism. I had a bit of down time and thought I’d do something else America is good at: Freedom Fighting.
In this post, we take a look at analyzing Industrial Control System data to detect unauthorized manipulation of relays in a process.
For this post, the Gravwell analytics team ingested all 22 million+ comments submitted to the FCC over the net neutrality issue. Using Gravwell we were able to rapidly conduct a variety of analysis against the data to pull out some pretty interesting findings. We scraped the entirety of the FCC comments over the course of a night and ingested them into Gravwell afterward. It took about an hour of poking around to get a handle on what the data was and the following research was conducted over about a 12 hour period. So we went from zero knowledge to interesting insights in half a day. We’re kinda nerding out about it.
In this post we'll walk through a case study with a customer trying to identify an infrastructure capacity issue in which the system becomes unresponsive during a swell in page visits. We'll follow Alice and Bob (names changed, obviously) as they work through the issue.
We are happy to announce the release of version 0.2.6. This release has your standard array of bug fixes and quality of life improvements but the major change comes in the form of relational analytics enhancements. We have added support for force directed graphs which allow for some advanced relationship analytics and data correlation.