NetRise is thrilled to be working alongside a number of great organizations in the OT Security space on ETHOS, an open-source, community-driven tool with the goal of sharing and comparing OT/ICS data to identify anomalies and indicators of new attacks in real time.
Initial founding members of ETHOS include NetRise, 1898 & Co., ABS Group, Claroty, Dragos, Forescout, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.
The open-source project will be hosted on GitHub, with the goal of releasing the first working proof of concept before 2024. Nozomi Networks has volunteered to host the first ETHOS server for beta testing.
At a high level, ETHOS will allow organizations to opt-in to sharing and receiving anonymized threat intelligence and anomalies that are detected in other ETHOS members' environments to allow for real-time monitoring of new threats. At NetRise, we are looking to bring our device- and firmware-level analysis capabilities to share SBOMs, configuration information, credential and cryptographic risk information, and more with this initiative.
In the future, any company or government agency will be able to independently host an ETHOS server. The host can allow selected participants and clients to connect and share information. To participate in an ETHOS server and receive notifications, an entity must also have an ETHOS client built with integration capabilities to send data.
Stay tuned for more updates as we continue to work together to build out this community-driven capability!