1 Introduction
Senrio is a privately held software development company based in Portland, Oregon, USA. Established in 2015 by a team of veteran security researchers and former intelligence officers, the company is focused on securing industrial embedded devices – the Industrial Internet of Things (IIoT). Following the old adage ‘you cannot protect what you do not know’, Senrio provides a solution to discover industrial devices on the network, monitor and analyze their behavior and provide actionable alerts when something does not function as expected.
Historically, industrial control systems have been a very separate area of information technology, with their own business drivers, requirements and regulations, and were never designed with security in mind. For decades, these systems were based on proprietary hardware, software, network protocols and were largely isolated from corporate networks. This has changed. In the 1990’s, many control systems switched to commodity computer, networking and even software components, and control networks were widely interconnected with corporate networks to realize cost savings and productivity improvements. Modern smart sensors and other IIoT devices go even further – they are based on low-powered hardware with very limited expansion and upgrade capabilities, they communicate directly over public Internet and most of them still lack even the most basic security features, as well as any possibility to protect them with traditional agent-based solutions.
IoT devices are everywhere, with their numbers already in billions and growing at a staggering rate. Large companies may already face a situation when they are not even aware of all the smart devices present in their networks, including those that communicate directly with third parties. Traditional IT security tools have long been frowned upon by OT engineers who always value process continuity and safety above cybersecurity, often consider antiviruses and firewalls potentially disruptive and prefer passive monitoring methods. Another area where traditional tools often fall short is scalability – even passive monitoring may fail for tens of thousands of devices scattered across multiple facilities.
Senrio is addressing all these challenges with Senrio Insight – a lightweight and scalable Industrial IoT monitoring platform that can be easily deployed in any existing network in a completely passive mode, without agents or appliances. By capturing network traffic headers and applying a patented analytics technology, the platform can create a dynamic inventory of all discovered IoT devices (and ignore all non-IoT ones) that provides full visibility into the devices themselves, their communications and behavior patterns. Thanks to adaptive learning performed in the cloud, Senrio Insight can identify abnormal device behavior and trigger real-time alerts to mitigate potential threats. A number of integrations with third party security tools is offered as well.
By focusing solely on IoT devices, avoiding reliance on deep packet inspection and only collecting network metadata, and shifting all the analytical heavy lifting to the cloud, Senrio is able to offer a fully passive, extremely nimble and massively scalable IoT monitoring and analytics solution that’s built around the “privacy by design” principle and thus can be deployed by any sensitive or highly regulated company.