IRMA - Holistic Protection Against Cyber Attacks in Critical Infrastructures & Production Facilities
IRMA®, the security appliance for holistic security management of networked automation systems. Designed to enhance security, availability, and the digitalization of production environments.
IRMA. SO SIMPLE. SO SECURE.
Integrated Risk Analysis and Real-Time Threat Level
Quantifying cyber risks has become a top priority for many executive teams. To address this challenge and improve collaboration between Operational Technology (OT) and Information Technology (IT), the IRMA® system automatically provides a risk assessment combined with the current threat level. At a glance, users are guided to efficiently address the most critical cyber risks. The system evaluates security events, baseline deviations, and vulnerabilities to determine the threat status of industrial assets. IRMA® uses cognitive heuristics and machine learning to continuously analyze changes in devices and behavior within production environments.
This significantly reduces the effort required for system deployment, operation, and incident response. At the same time, it simplifies proving system security in line with the state of the art within the security management process.
Interested in IRMA? Contact us!
What Sets IRMA Apart
Simplicity
Arguably the simplest technical system for attack detection based on state-of-the-art standards.
Transparency
Improved cybersecurity through anomaly detection and industrial IT visualization without requiring deep security expertise.
Compliance
Meets key regulatory, corporate, and industry-specific security requirements.
Efficiency
Low operational effort thanks to simple installation, easy configuration, and immediate continuous monitoring with alerting.
Centralized Management, SIEM, and MSSP Integration
The centralized administration interface provides intuitive user guidance for seamless deployment and continuous security management.
For SOCs and MSSPs, IRMA® is an ideal addition, offering a proven REST API for integration into incident workflows of ISMS and SIEM platforms.
Comprehensive Asset Discovery
Passive monitoring in production environments, meaning observing network communication without active interference, is widely recognized and recommended by the BSI as state of the art. However, devices that do not actively communicate over the network cannot be detected this way. Additionally, passive methods provide only limited detailed information for security management purposes. New intelligent features for careful asset identification (*) enable operators to detect devices and gather detailed information about them.
NIS2UG, B3S, and ISO 27005 Risk Management
Security management aligned with the requirements of the NIS2 Implementation Act (NIS2UG), sector-specific security standards (B3S), and risk analysis according to ISO 27005 is essential. IRMA® provides the foundation and reporting capabilities to demonstrate compliance with legal requirements and to support more favorable insurance conditions. Full visibility of all OT assets and their activities contributes significantly to reducing cyber risk. Progress within the ISMS process is clearly documented.
(*)project based
Frequently asked questions
Here you will find some frequently asked questions about IRMA®.
Do you want to know the current security status of your IT network at all times? Are your relevant IT risks identified and assessed? Even in the event of a security incident, such as a cyberattack, operational capability must be maintained. Only continuous monitoring of communication within production IT environments can detect novel cyberattacks and manipulations. To respond immediately and prevent damage, intelligent real-time analysis with meaningful alerts is essential. These alerts can be prioritized and distributed efficiently. Security management in accordance with IT Security Act (ITSiG), NIS2, or IEC 62443 requirements can be implemented simply and with minimal effort using IRMA®.
- Holistic OT security management aligned with NIS2UG requirements or IEC 62443 implementation based on state-of-the-art standards
- OT asset and vulnerability management for NIS2 or Cyber Resilience Act (CRA)
- Protection of non-patchable systems such as Windows NT/2000/XP, legacy PLCs, and OPC Classic
- Security for certified production systems and processes without the need for re-certification (e.g. pharma, chemical, food industries)
- Immediate readiness through simple installation and a vendor-independent approach
IRMA® is suitable for any type of networked automation. This includes all critical infrastructure sectors (KRITIS) such as energy, water, food, and pharmaceuticals, as well as plant and mechanical engineering (IRMA-IIoT).
You can quickly and easily purchase the foundation for your IRMA® system directly in this shop. For consulting and integration of more complex deployment scenarios, a wide range of qualified partners is available.
Discover IRMA® in detail
Download the latest IRMA® datasheet and get a complete overview of all technical information. Fast, direct, and without obligation.
