Goals & Objectives
This lab in its first module is designed to serve as a preconfigured environment for users to explore the CyberX interface and operations at their own direction. WWT can provide a guided demo of the solution as well as coordinate a deep dive session with CyberX upon email request to the listed lab owners and creators for this deployment.
CyberX monitors span port traffic to monitor the ICS network. The network has no security controls. All traffic generated in the network is monitored and analyzed by CyberX. CyberX provides insight into the hosts in the network, their roles and their communications. Once traffic is baselined, new hosts or traffic baseline deviations will generate an alert.
This lab demonstrates the following CyberX features:
- Discover and identify ICS assets
- Map ICS network
- Baseline ICS traffic
- Generate alerts related to ICS assets/traffic
- Become acquainted with Dashboard and Reporting capabilities
Hardware & Software
WebUI/Sensor and monitored processes hosted on virtual ATC infrastructure