Cybersecurity Monitoring system Gloria

CYBERSECURITY MONITORING
SYSTEN GLORIA

SECURITY MONITORING SYSTEM GLORIA

Global solution to control the IT and operation systems (OT) both in the
ships and in the rest of the centres or facilities of a shipping company

Global solution to control the IT and operation systems (OT) both in the ships and in the rest of the centres or facilities of a shipping company

Fleet-wide Cybersecurity Monitoring

Fleet-wide Cybersecurity Monitoring

Once the IT and OT systems of each ship have been studied, installing the necessary measures to make the fleet cyber resilient, it is necessary to implement a surveillance system capable of supporting the security control teams.
Based on SIEM systems, GLORIA offers greater flexibility in the observation of IT and OT environments, making it possible to detect key indicators of attack patterns, prioritise actions, relate data to their origin and manage all information centrally.

Cybersecurity monitoring

Surveillance Module

Collects and models data from different sources, facilitating consecutive analysis. It offers centralised visualisation of monitored data and the collection of security logs. ARGOS provides a comprehensive and visual analysis of each source, including forensic analysis capabilities

Correlation of cybersecurity threats

Applied Intelligence Module

It has a set of complex correlation rules capable of adapting to the characteristics of each environment. The module is able to develop and parameterise correlators, optimising threat detection. In addition, it can automate the response, issuing action orders to curb risks when required

Cybersecurity Management Console

Alert Console

It is the incident collection console and the system management module. Through EMAS, the life cycle of each registered incident is monitored, which can be automatic or manual, using a database of assets to be protected and the procedures to be followed depending on the portfolio of services and the SLAs signed with the client

Cybersecurity management dashboard

Dashboard

This is the dashboard module that provides an analysis of the main indicators to see the evolution, both historically and in real time. There are two types of views available, internal and external. The internal view shows the efficiency, effectiveness, risk and carding of the system. The external view is designed to allow customers to monitor the performance of the system

Surveillance Module

Collects and models data from different sources, facilitating consecutive analysis. It offers centralised visualisation of monitored data and the collection of security logs. ARGOS provides a comprehensive and visual analysis of each source, including forensic analysis capabilities

Applied Intelligence Module

It has a set of complex correlation rules capable of adapting to the characteristics of each environment. The module is able to develop and parameterise correlators, optimising threat detection. In addition, it can automate the response, issuing action orders to curb risks when required

Alert Console

It is the incident collection console and the system management module. Through EMAS, the life cycle of each registered incident is monitored, which can be automatic or manual, using a database of assets to be protected and the procedures to be followed depending on the portfolio of services and the SLAs signed with the client

Dashboard

This is the dashboard module that provides an analysis of the main indicators to see the evolution, both historically and in real time. There are two types of views available, internal and external. The internal view shows the efficiency, effectiveness, risk and carding of the system. The external view is designed to allow customers to monitor the performance of the system

Protection against Advanced Persistent Attacks

Protection against Advanced Persistent Attacks

Advanced Persistent Attacks

Advanced Threat Protection

In addition to GLORIA, CARMEN is capable of detecting Advanced Persistent Threat (APT) compromises from the intrusion phase. It uses advanced sandboxing and static analysis techniques to detect misuse

We assume that the organisation has already been compromised. CARMEN is in charge of collecting, processing and analysing outgoing and internal traffic, with the aim of identifying external movements towards control servers, recognising lateral movements for the maintenance of persistence or theft in the corporate network

Installing the Cybersecurity Monitoring in the Fleet

Installing the Cybersecurity Monitoring in the Fleet

GLORIA

Installation on the Vessel

The necessary probes are deployed so that ARGOS collect information from all systems. TRITON and CARMEN analyse the information and create alerts, remediation and block suspicious traffic.
The installed software is autonomous and sends information when it has coverage.

Control Centre Installation

The TRITON module on the control centre receives the information from the on-board system.
The management console EMAS shows the status of each vessel’s assets and allows necessary action to be taken. HERA shows the internal and external reports with a summary of the fleet situation.

ISOC Monitoring

LThe ISOC smonitor 24/7 the status of each of the customer’s facilities.
Our technical staff constantly updates the system with new known threats. They apply remediation to emerging threats and advise the customer with recommendations for improvement of the security platform.