Dark Clarity – CyberSecurity

Dark Clarity is an IoT-focused cybersecurity company,
aiming to provide high quality, distinctive Services
and develop Products and Solutions to address the
security challenges posed by the current IoT landscape

Dark Clarity is an IoT-focused cybersecurity company, aiming to provide high quality, distinctive Services and develop Products and Solutions to address the security challenges posed by the current IoT landscape

Due to an unprecedented growth, cyber-security solutions haven't kept pace with IoT adoption, massively increasing the risk of major cyber-security incidents. This is the landscape where Dark Clarity intends to be present and make a difference, using our combined experience to create innovative solutions that enable security-first IoT development and adoption.

Dark Clarity is an IoT-focused cybersecurity company, aiming to develop products and solutions to address the security challenges posed by the current IoT landscape.

Cybersecurity
as a Partner

Dark Clarity by InnoWave is a Cyber Security company that was setup by a specialized team of experienced professionals that share a diversity of experiences and skills. From a defensive to an offensive perspective, our services are product agnostic, and focus on helping to make the right evaluations and investments for the protection of your business truly valuable assets. Based of proven methodologies, our approach to security establishes the trust needed to cover new aspects and realities.

presenting

IoT Clarity

IoT and ICS Detection
and Response

IoT Clarity is a device that that detects and reacts to possible malicious IP connections targeting a network of IoT and ICS devices. Detected connections can be either external or internal, from a malicious agent or a rogue device, for instance. IoT Clarity can be deployed in a distributed manner in order to increase detection capabilities and emulate attack surfaces. It will also capture traffic metadata in order to determine malicious behaviours using artificial intelligence and machine learning algorithms..

Product composed of four stages:

Detection, Response, Mutating Surface, Behavior Analysis.

Detection
Stage

At the detection stage, IoT Clarity uses an opensource honeypot that emulates a variety of protocols used by IoT and ICS devices, like IEC104, BACnet, Guardian AST, Kamstrup, Modbus or S7comm. This allows it to establish a protocol connection with a possible malicious agent and distinguish simple network scans from more advanced attacks. This will also allow it to detect new types of attacks, a.k.a. 0-day attacks. Additional protocol can be emulated, according to the protected infrastructure.

Response
Stage

At the response stage, IoT Clarity can trigger Alert and Block actions, according to the capabilities of the protected infrastructure. Alert will trigger a message to a monitoring system, like a SIEM, or send an email that reports the detected connection. Block will trigger a response action to network perimeter routers or firewalls, using RTBH (Remote Triggered Black Hole) technologies or scripted ACLs (Access Control Lists) that blocks any further connections from the offending address.

Mutating
attack surface

Besides detecting and responding to possible attacks, IoT Clarity will also allow, when implemented in a large enough scale, to create a mutating false attack surface with several devices and protocols. The objective of this functionality is to considerably decrease the probability an attacker can successfully map and target an IoT infrastructure, using the mutating nature of the attack surface to trick the attacker into focusing on the wrong targets and reduce their window of opportunity, creating a Moving Target Defense (MTD) strategy.

Network
Traffic
Behavioural
Analysis

One of the planed features for IoT Clarity, is the capability of capturing network traffic metadata that could be analysed in real-time using artificial intelligence and machine learning algorithms. This allows IoT Clarity to detect existing malicious traffic on the network using behavioural analytics techniques, by finding abnormal actions in otherwise seemingly normal traffic. It also allows, when implemented in a distributed manner, for an unparalleled level of visibility of the entire infrastructure network traffic, greatly increasing the chances of finding abnormal behaviours before they can become a real menace.