It’s been a decade since vendors offer machine learning based tools, every year new innovations show up. We summarize what we know today from studies and add our own observations regarding these tools. Furthermore, there’s a great way to test the real level of development and step forward: that is purple teaming.

Watch a short demo performed in our ICS Lab environment at EURO ONE and have a sneak peak in the process of a cyberattack’s detection in industrial networks. After describing the laboratory toolkit the scene considers a paint shop being attacked and shows the main viewpoints of the manufacturing engineer and the SOC team. The goal is to show how the industrial operators and the security operations team cooperates to react to threats – regardless if IT or OT is the target.