MalCrawler is the only advanced malware protection tool that detects, analyzes, and destroys malware targeting ICS/SCADA devices found in critical infrastructure. MalCrawler protects ICS/SCADA devices across a wide range of industries, including Power, Oil & Gas, Water and Wastewater, Chemical, Manufacturing and Transportation.
Built from the ground up for ICS and OT
No other system is built from the ground up to analyze ICS/SCADA malware the way that MalCrawler is. Other malware companies take a traditional IT enterprise product and try to adapt it for ICS operators, ignoring the most critical aspect of an ICS operator: the OT (operational technology) environment.
MalCrawler ICS utilizes exclusive patent-pending technology that tests malware against virtualized ICS devices (PLC, HMI, RTU, IED, etc.).
Unique Analytical Engine: from detection to intelligence
MalCrawler analyzes what types of devices the malware is targeting, the communication method it is using (e.g. serial, copper), the protocols it is using (e.g. DNP3, MODBUS, 61850, OPC and more), and other functionality of the malware.
MalCrawler Enterprise is an onsite version of MalCrawler that operates within the OT environment of an ICS operator.
How it works
- A powerful lightweight agent, which is installed on OT workstations, collects valuable data from the file system and memory, including new persistence, MUTEX, and network connections.
- The MalCrawler onsite server analyzes the data using a sophisticated heuristics and behavioral analysis detection engine. By going beyond signatures, MalCrawler identifies anomalies and tests files against our patent-pending virtual SCADA sandbox. The sandbox can emulate ICS/SCADA devices using thousands of possible configurations. Data never leaves the customer environment, making this an ideal solution for systems with no or limited external network connections.
- When malware is discovered, MalCrawler has multiple ways to remotely remediate the threat, from removing the malware from the system to disabling malicious network connections.
MalCrawler can detect malware targeting a wide range of industrial operations. When malware is discovered, MalCrawler has multiple ways to remotely remediate the threat, from removing the malware from the system to disrupting malicious network connections, and more.