Introduction

Cyber Security Software Platform

Protect your business and digital assets by minimizing cyber risk with First Watch. No matter the size or complexity of your organization, we have the solution for you.

First Watch® is a leading cyber security asset management platform – designed to protect operational technology (OT) networks from harmful cyber-attacks by securing the SCADA (Supervisory Control and Data Acquisition) and PLC (programmable logic controller) layers.

With real-time monitoring of the network, we provide clear visibility and insights – giving asset owners the opportunity to make effective and timely responses to any attacks or unauthorized network changes.

Our unique software supports your business, optimizing the network structure and drastically reducing the risk of cyber-attacks. With First Watch you can have the confidence that your network is secure.

Benefits

What can we do for you?

  • Feel secure knowing all changes to files and data within your network are monitored and logged in real-time.
  • With real-time monitoring of logs and data flow across the network and our Zero-Trust architecture, the platform will immediately identify any malicious or unusual activity.
  • All actions are allowed via policies (for example – user, time, source HMI, source application, destination HMI, and action).
  • Any policy or policies that don’t comply will generate an alarm, warning you of a potential cybers security breach.

All alarms are sent directly to the asset owner – this enables you to respond rapidly, reducing risk or damage from a cyber-attack.

Platform

What is this all about?

Component

First Watch Endpoint Аgent

Malicious activities and unauthorised access can originate from any computer on the internal OT network bringing the need to monitor all possible blind spots. The FWED Agent solution provides continuous and comprehensive real-time visibility into what is happening on your endpoints (e.g HMI machines, engineering stations, historians, Active Directory servers, etc.) and detect actions like launching of unauthorised processes, USB device connection, installation of the new software, change of IP address, etc. All actions are attributed to the user.

The Microsoft authorised kernel-driver is the core component of the FWEDA. Operating at the kernel level FWEDA protects the industrial computer from cyber hack and makes the system overall considerably more secure from hackers who prefer to operate in the “user space” a level up from the OS (Operating System).

 

Features of the agent include: Software status monitoring, patch status and automated vulnerability alerts, whitelisting, data vault and monitoring of: user activity, files, drivers, memory usage, exceptions, network traffic in and out of the end point (and point of origin or target for the traffic).

Features include:  visibility of all activities performed over the network, event logs, monitor traffic flows incl most network and ICS protocols, native discovery of all devices on the OT network and their attributes.

Component

First Watch Network Аgent

First Watch®’s Network Agent (FWNA) is a passive deep-packet inspection and network flow monitoring engine that observes industrial control network activity.  This technology was purposely built for the unique characteristics of   industrial control systems.  The FWNA is speci­fically designed to detect control layer events in SCADA application communications Ethernet/IP analysing protocols like CIP.

  

Component

First Watch Security Center

Data from the end point agent(s) and network agent(s) across a plant (or multiple plants) are aggregated by the servers in the security centre where critical real-time analysis and configurations can be made. This provides an all-of-network view to understand the relationship between network and end point activity – linking these reduces the alerts to only those that impact operations and warrant attention. 

Intellectual Property

First Watch has several patents pending on our software – the first covering the unique way of handling the flows of real-time data from devices in the OT network.

Firstwatch.

Our products