Our Products and Services

SNOK™ is a cybersecurity monitoring and detection system tailored for industrial networks and control systems. SNOK™ detects targeted industrial attacks such as espionage, sabotage, malware, and other security interruptions in control systems. SNOK™ uniquely combines network and endpoint monitoring of components such as PLC’s, HMI’s, Servers etc.

In-house developed OT security software with a unique value proposition

Network-, endpoint- and PLC sensors coupled with strong analytic capabilities

icon network sensor

Network sensors (NIDS)

Secure-NOK’s Network sensors monitor traffic in an OT environment to Uncover potential threats.

snok cybersecurity monitoring system
icon endpoint sensors

Endpoint & PLC sensors

Secure-NOK’s endpoint and PLC sensors significantly reduce blind spots and enables efficient cyber security monitoring in hard-to-reach parts of OT environments.

icon endpoint sensors

Analysis & Consulting

Strong analytical team and technology to interpret the data gathered through the sensor monitoring → offers unique insights from advanced analytics.

logo SecureNOK
icon endpoint sensors

Unique combination of network-, endpoint- and PLC sensors coupled with a strong analytical team enables superior threat detection.

Our products

Reduce your blind spots

A combination of all available products in the SNOK™ Cybersecurity Monitoring System family provides the best security by combining information from different sources and reducing the blind spots of your infrastructure.

Asset Discovery

In the initial phase of securing your asset, or if you are wondering where to start, SNOK™ can be deployed in SNOK™ Asset Discovery mode on relevant network segments and endpoints of concern. Let it run for a while, then extract the collected information. You will get a report showing:

Topology and details of communication on the network that can be used to determine current vulnerability and plan how a SNOK™ Cybersecurity Monitoring system deployment should look like as well as other security measures such as network segmentation. SNOK™ Asset Discovery will also help you determine if your infrastructure is compliant with current security policies.

Trial Program

Secure-NOK™ offers a SNOK™ Trial Program. The SNOK™ solution is deployed, either as an Appliance or Virtual Machine on selected parts of the control system, for example a selected production line, subsystem or small site. The trial SNOK™ runs for a period of for example 30 days and includes an Analysis Report.

The benefits

SNOK™ is designed and built bottom up for industrial purposes. It gives you visibility at the various attack entry points that exists in an OT environment and is designed to fit in an industrial settings. Without disturbing the industrial process, SNOK™ detects cyber attacks and errors at the control layer of your industrial network.

Early Attack Detection

SNOK monitors your blindspots for subtle traces of attacks. Attacks can enter your infrastructure through networks as well as endpoints – SNOK makes sure you are looking both places, correlating and interpreting what you see.

Beyond Signatures

Today, more than 50% of attacks are non-malware – these are non-detectable using traditional malware signature detection methods. SNOK uses anomaly based detection capable of detecting all types of intrusions: those using malware, those using malware never seen before and non-malware attacks.

Built for Industry

SNOK™’s unique abilities to uncover blind spots are achieved because it is built for industry.

  • Non-intrusive: does not disturb the industrial process.
  • No maintenance required: once installed it does not need signature updates or similar to keep detecting new attacks.
  • Tiny footprint: uses few resources on the industrial infrastructure.
  • Backwards compatible: looks after unsupported devices in your legacy systems.

Situational awareness of OT systems

The SNOK™ family of products keeps an eye on your OT system. Our portfolio is comprehensive yet flexible and can be tailored to your needs. We design for early detection regardless if the attack is launched from interfacing IT systems or endpoints deep in the control network.

Network Intrusion Detection System (IDS)

The SNOK™ Network Intrusion Detection System (IDS) monitors internal and external communications of a controls system. It detects viruses, malware and sophisticated attacks (Advanced Persistent Threats), including those that are undetectable by conventional security tools. The SNOK™ Network IDS can be placed at the perimeter of the network, or at strategic internal points to monitor the data traffic between critical components.

Endpoint Monitoring

SNOK™ Endpoint Monitoring monitors Windows and Linux endpoints such as HMIs, SCADA, Servers, Historians, Engineering stations, including unsupported legacy versions. By closely monitoring endpoints from anomalies, SNOK™ will give an early warning of malicious activity whether it is originating from outside the infrastructure or from an insider that unknowingly or knowingly launch an attack from an endpoint.

PLC Threat Detection

Programmable Logic Controllers, PLCs, are the workhorses of most modern factories and plants. PLCs are rugged, reliable devices used to control often critical processes and activities performed by robotic devices. Unfortunately these are traditionally not designed with security in mind and are becoming increasingly more vulnerable as the networks they operate in are increasingly inter-connected. SNOK™ PLC Threat Detection will monitor for abnormal behavior, configuration changes and reprogramming of PLCs giving instant alerts upon detection.

Asset scanner

The first step in defending industrial networks, is to be aware of the individual assets making up the system. Upon installation, SNOK™ automatically discovers all nodes in the network and produces an inventory, the SNOK™ Asset List.

The SNOK™ Network IDS uses passive network sniffing to discover and monitor assets. To collect more information about the assets, SNOK™ can be extended with the SNOK™ Asset Scanner module. The Asset Scanner uses active scanning techniques to collect information about assets in a gentle and industrial friendly manner.

Our services

Our security Center with competent advisers offers specialist services in OT security.

Secure-NOK combines technology with analysis and advisory services to help infrastructure owners protect operations, build resilience and respond to cyber threats. Our security Center continuously analyses trends and makes recommendations for continuous improvements. This gives owners of critical infrastructure very good traceability of data traffic, and can take early measures to prevent cyber attacks.

Health check and security analysis

We offer services to assist our customers in getting the most out of the insight our security solution SNOK provides.

During our health check service, experts review available data about your facility and identifies vulnerabilities and security breaches. We offer monthly or quarterly status reports on the security of your facility.

Consultancy services and training

Our advisers have expertise in OT security and use recognized standards such as IEC 62443 and the NIST Cyber security framework. We carry out GAP analyzes of the security in your facility against best practice OT security.

We offer tailored training in OT security, customized to meet your company’s specific needs. Our training programs are designed for both management and operational personnel.

snok eye

SNOK Pilot and support

To get started with safety checks, we offer pilot projects with SNOK, tailored to the company’s needs.

We offer comprehensive consulting and support services to maximize the value during the pilot phase.