Continuous Security

Why It Matters

While traditional products remain the same even 10 or 20 years after production, connected devices and their behavior can change throughout their lifecyle. Their functionality can upgrade (or downgrade), emerging issues can be fixed, and functions can be monetized. Their dynamic nature makes them far more versatile and convenient, but it also makes protecting them against hacking attempts an ever-changing battle.

Continuous Security is an approach that aligns the security practice with the dynamic lifecycle of connected devices. It views security as a lifelong task for the connected vehicle, printer, camera or manufacturing robot, not one that finishes the moment it rolls off the production line.

XGuard Monitoring

In a cloud-edge architecture, the compartmentalizing of data and computing resources is key for efficient monitoring. XGuard Monitor supports both real-time alerts generated directly from the vehicle/product and more sophisticated analytics performed in the cloud.

With XGuard Monitor, a rich set of behavioral sensors is deployed within the embedded software, providing deep and comprehensive insight on suspicious device behavior, which can indicate if the device has been compromised.

Threat Intelligence

Unlike the operational nature of the monitoring function, the ThreatHive platforms provide the security researchers with a playground of sorts in which they can learn about the state-of-the-art attacks targeting connected devices.

By using honeypots to continuously search for suspicious activity, ThreatHive is capable of identifying even minor manipulation of data and behavior, find and track attackers, and understand the latest embedded TTP. This intelligence can then be implemented in SOC playbooks and IoC updates in XGuard Monitor.