{
  "version": 3,
  "sources": ["ssg:https://framerusercontent.com/modules/x0eWNs4bGtFLBwoYi5C8/EauGYYCUkZo5KKQEG5dK/QsZaADSSZ-3.js"],
  "sourcesContent": ["import{jsx as e,jsxs as t}from\"react/jsx-runtime\";import{Link as n}from\"framer\";import{motion as i}from\"framer-motion\";import*as s from\"react\";export const richText=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"This is a reprint of a talk given by our CISO Dean Macris at BlackHat 2024.\"})}),/*#__PURE__*/e(\"p\",{children:\"Since the beginning of information security, the industry has used military parallels to organize defense, learning from the experience of traditional warfare. With that, it is helpful to look back at the classical Western military theorist Carl Von Clausewitz to help foster both operational technology cyber defense and national defense against an evolving threat landscape.\"}),/*#__PURE__*/e(\"p\",{children:\"Defense-in-depth and the OODA loop are two military parallels often cited in information security. Defense-in-depth can be described with a castle analogy. A castle has multiple layers of defense and limited, controlled methods of entry and exit. As you pass the moats, walls, and towers, you travel from low-trust areas to high-trust areas where the most valuable resources are layered. We can imagine that this model breaks down with distributed workforces, hybrid cloud environments, and the need to always have resources available. The problem is less how to secure a castle in London than how to secure the city of London.\"}),/*#__PURE__*/e(\"p\",{children:\"The OODA loop was coined by John Boyd after the Korean War to explain why some pilots with the same training and physical attributes ended up winning the majority of encounters. He theorized that the winning pilots were faster at moving through the process of:\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"15px\",\"--framer-text-alignment\":\"left\",\"--framer-text-color\":\"rgb(209, 210, 211)\",\"--framer-text-stroke-width\":\"0px\",\"--framer-text-transform\":\"none\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Observing the situation.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Orienting to the scenario based on previous experience and current observation.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Deciding on the best course of action.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Acting.\"})})]}),/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"563\",src:\"https://framerusercontent.com/images/EdW3qptp3GXs7f9737lPjfg.png\",srcSet:\"https://framerusercontent.com/images/EdW3qptp3GXs7f9737lPjfg.png?scale-down-to=512 512w,https://framerusercontent.com/images/EdW3qptp3GXs7f9737lPjfg.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/EdW3qptp3GXs7f9737lPjfg.png 1532w\",style:{aspectRatio:\"1532 / 1126\"},width:\"766\"}),/*#__PURE__*/e(\"p\",{children:'The \"Observe - Orient - Decide - Act\" (OODA) loop has been adopted in diverse industries, from finance to power plants. In information security, it describes the ability to see each security incident as novel and needing investigation while also drawing from experience to help guide response.'}),/*#__PURE__*/t(\"p\",{children:['Needless to say, countless other parallels can be drawn, some of which come from more historical sources. Classical Military theorist Carl von Clausewitz was a Prussian general during the Napoleonic Wars. His wife, Marie von Clausewitz, compiled his works into a 10-volume book, \"',/*#__PURE__*/e(n,{href:\"https://www.gutenberg.org/files/1946/1946-h/1946-h.htm\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"On War\"})}),'\" that has become the Western standard for military theory. There are hundreds of tactics, strategies, and ideas about warfare, and three are especially relevant to defending Operational Technology infrastructure: mobility, deception, and hardening. The original text of \"On War\" is available on ',/*#__PURE__*/e(n,{href:\"https://www.gutenberg.org/files/1946/1946-h/1946-h.htm\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Project Gutenberg\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Mobility\"}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:'\"The defending party, both in tactics and in strategy, is supposed to be waiting in expectation, therefore standing, whilst the assailant is imagined to be in movement, and in movement expressly directed against that standing adversary.\" (CvC -- Volume 5 Chapter 4)'})}),/*#__PURE__*/e(\"p\",{children:\"von Clausewitz did not consider that a defensive position could be mobile but did consider that movement and maneuver are core tenants of success in military actions. Most of the major battles suring World War II in the Pacific proved that movement, maneuver, and mobility were decisive in achieving positive outcomes in battle. When defensive tactics include the ability to move resources, they are more difficult to target and more difficult to attack.\"}),/*#__PURE__*/e(\"h2\",{children:\"Deception\"}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:'\"Stratagem implies a concealed intention, and therefore is opposed to straightforward dealing, in the same way as wit is the opposite of direct proof. It has, therefore, nothing in common with means of persuasion, of self-interest, of force, but a great deal to do with deceit, because that likewise conceals its object\" (CvC -- Volume 3 Chapter 10)'})}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:'\"The deceiver by stratagem leaves it to the person himself whom he is deceiving to commit the errors of understanding which at last, flowing into _one_ result, suddenly change the nature of things in his eyes.\" (CvC -- Volume 3 Chapter 10)'})}),/*#__PURE__*/t(\"p\",{children:[\"In information security, you can outwit intruders by keeping your network moving and changing. Then you can layer in more active defense; many of us know this as a honeypot or honeynet. Black Security did a great job in their \",/*#__PURE__*/e(n,{href:\"https://www.antisyphontraining.com/on-demand-courses/active-defense-cyber-deception-w-john-strand/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"free course on Active Defense\"})}),\", stating that you can leave poison on a network, allowing intruders to take it freely. In reality, there is no better way to gain the upper hand on an adversary than to do the basics excellently and then layering (defense in depth of the modern age) active defense with infrastructure that is always moving and changing and leaving poison. It is the moment when the hunter becomes the hunted, and there is no more powerful defense technique than fear.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Hardening\"}),/*#__PURE__*/e(\"p\",{children:\"The first type of hardening is traditional fortification.\"}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"\\\"Therefore, amongst a number of great roads leading from the enemy's country into ours, we should first of all fortify that which leads most directly to the heart of our dominions, or that which, traversing fertile provinces, or running parallel to navigable rivers, facilitates the enemy's undertaking, and then we may rest secure.\\\" (CvC -- Volume 6 Chapter 11)\"})}),/*#__PURE__*/e(\"p\",{children:'In information security, traditional hardening means basic cyber hygiene and doing the basics excellently. Hardening endpoints is one of the most potent defenses. Few establishments outside of massive organizations and the government do an adequate job with that. The \"roads\" that Clausewitz mentions are what we need to consider when hardening our resources and networks. As basic as it is, this is a challenging task. In an OT setting, this is more important because our management endpoints do \"lead ... directly to the heart of our dominions,\" so the primary measure of assuring a fully hardened system is an essential starting point for good network security.'}),/*#__PURE__*/e(\"p\",{children:\"The second type of hardening is reducing the ability to live off the land.\"}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"\\\"Wellington, in his entrenched camp at Torres Vedras, waited till hunger, and the severity of the weather, had reduced Massena's army to such extremities that they commenced to retreat of themselves, the sword of the defensive party had no share in the weakening of the enemy's army.\\\" (CvC -- Volume 6 Chapter 8)\"})}),/*#__PURE__*/t(\"p\",{children:[\"As \",/*#__PURE__*/e(n,{href:\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"reported by CISA\"})}),\" regarding the persistence achieved by Volt Typhoon in IT networks related to critical infrastructure, it is clear that the more attackers have to live off the land, the less they need to do to maintain persistence. This is related to the idea of hardening but also minimizing what is available in the environment. If you scan monthly for vulnerabilities, why do networks have scanners up and running all the time? How are those scanners authenticated to central management, and do you have the same insight as you would into a regular workstation? We give attackers far too many places to hide. It could be legacy hardware or some outdated monitoring software. Consider salting the earth of your network and looking at how an attacker could use every tool if they get access.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Conclusion\"}),/*#__PURE__*/e(\"p\",{children:\"When taking a cross-functional look at our cybersecurity problem, we can learn a lot. One lens is through the military and defensive tactics and strategies. Having Operational Technology networks that align with Carl von Clausewitz on the fronts of Mobility, Deception, and Hardening can only add a few conceptional tools to a toolbox that is usually full of vendor solutions.\"})]});export const richText1=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"With this year's BlackHat 2024 conference wrapped up, here are the five major takeaways from the talks, trade show floor, and vendor pitches.\"}),/*#__PURE__*/e(\"p\",{children:\"As always BlackHat 2024 provided critical insights into the ever-evolving cybersecurity landscape, with increased focus on cyber-physical systems (CPS) amongst the vendor pool. Here are the five key takeaways:\"}),/*#__PURE__*/e(\"h4\",{children:\"1. System Resiliency, Business Continuity, and Disaster Recovery\"}),/*#__PURE__*/e(\"p\",{children:\"A major theme at BlackHat 2024 was the global outage caused by a failure in a widely deployed, single-point-of-failure agent. This incident highlighted the critical importance of designing systems for resiliency, especially in CPS where failure in one component can trigger widespread disruption across interconnected industrial control and OT systems.\"}),/*#__PURE__*/e(\"p\",{children:\"The discussion centered on whether systems should be designed to fail safely in parallel, rather than sequentially, to prevent such cascading failures. For CPS, including those in IoT, IIoT, XIoT, and MIoT environments, this issue is particularly pressing. Traditional IT Privileged Access Management (PAM) solutions, which often rely on agents, share similar vulnerabilities because they require installing agents on every single endpoints they broker access to. In contrast, CPS-focused remote access solutions that operate in parallel provide a more resilient structure, mitigating the risks of single-point failures taking down an entire factory or safety line.\"}),/*#__PURE__*/e(\"h4\",{children:\"2. Cyber-Physical System Manufacturers Lag in Cybersecurity\"}),/*#__PURE__*/e(\"p\",{children:\"Despite the increasingly sophisticated threat landscape, many big manufacturers of cyber-physical systems, particularly in industrial control and operational technology sectors, are still lagging in their cybersecurity efforts. Several sessions at BlackHat 2024 exposed the ongoing failures by these manufacturers and CPS software developers to integrate adequate security measures into their products.\"}),/*#__PURE__*/e(\"p\",{children:\"A significant concern is the shift from UHF/VHF communications to 4G/5G within CPS, which has expanded the attack surface dramatically. Unfortunately, the necessary security controls have not kept pace, leaving critical infrastructure vulnerable. In short: claiming you're safe because you're encrypting data-in-transit is at best window dressing; at worst it's knowingly selling snake oil. Manufacturers are trying to redirect from discussions around investing in proper cybersecurity measures by talking about warranties and SLAs, but these justifications are becoming increasingly untenable as the risks grow.\"}),/*#__PURE__*/e(\"h4\",{children:\"3. AI is the New Blockchain: Overhyped, Underdelivering\"}),/*#__PURE__*/e(\"p\",{children:\"Artificial Intelligence (AI) dominated the discussions at BlackHat 2024, with nearly every company showcasing their AI-driven solutions. However, there was widespread skepticism among CISOs, particularly in the context of industrial control and CPS. Many believe that the current AI hype is more about inflating company valuations than delivering practical, real-world solutions. (And yes, we've filed our fair share of AI patents at Dispel too).\"}),/*#__PURE__*/e(\"p\",{children:\"While AI does show promise in certain areas, such as improving data query responses, its application in CPS, IoT, and related technologies like IIoT, XIoT, and MIoT remains limited. That said, AI is beginning to show promise in enhancing data query responses.\"}),/*#__PURE__*/e(\"h4\",{children:\"4. Living off the Land Attacks Persist\"}),/*#__PURE__*/e(\"p\",{children:'The \"living off the land\" attack vector continues to pose a significant threat to CPS, particularly in industrial control and operational technology environments. This tactic involves using legitimate software and functions within a system to carry out malicious activities, making detection particularly challenging.'}),/*#__PURE__*/e(\"p\",{children:\"CPS, which are often deeply integrated with local networks and have been in place long before current cybersecurity practices were developed, are especially vulnerable. Many of these systems, such as building management systems, are legacy technologies that bypass newer security measures, creating significant security gaps that can be exploited by attackers.\"}),/*#__PURE__*/e(\"h4\",{children:\"5. Cyber Insurance: The Unexpected Enforcer\"}),/*#__PURE__*/e(\"p\",{children:\"Cyber insurance is emerging as a powerful enforcer of cybersecurity standards, particularly in the absence of stringent regulatory mandates. At BlackHat 2024, it became clear that insurers are increasingly requiring companies, especially those operating in industrial control and OT sectors, to adhere to frameworks like NIST 800-82, 800-53, and IEC 62443.\"}),/*#__PURE__*/e(\"p\",{children:\"This shift has significant implications for CPS, as failure to comply with these standards could result in denied insurance claims. Non-compliance might be viewed as negligence, putting companies at risk of major financial losses. As a result, cyber insurance is becoming a critical driver for enforcing best practices in CPS security.\"}),/*#__PURE__*/e(\"h3\",{children:\"Conclusion\"}),/*#__PURE__*/e(\"p\",{children:\"BlackHat 2024 underscored several critical imperatives for securing cyber-physical systems, particularly within industrial control and operational technology environments. First, the global outage incident serves as a stark reminder that system design must prioritize resiliency, with an emphasis on parallel, agent-less architectures to avoid catastrophic single-point failures. Second, the lag in cybersecurity adoption by CPS manufacturers\u2014especially those transitioning to 4G/5G communications\u2014poses an ongoing risk to critical infrastructure, demanding immediate corrective actions.\"}),/*#__PURE__*/e(\"p\",{children:'Third, while AI and blockchain technologies continue to generate buzz, their practical application within CPS remains limited. Stakeholders should focus on addressing existing vulnerabilities rather than chasing speculative solutions. Fourth, the persistence of \"living off the land\" attacks highlights the need for enhanced security measures in legacy CPS, which are often deeply embedded within organizations and bypass modern defenses.'}),/*#__PURE__*/e(\"p\",{children:\"Finally, the role of cyber insurance as a de facto enforcer of cybersecurity standards is a game-changer. Insurers are increasingly requiring adherence to frameworks like NIST 800-82, 800-53, and IEC 62443, with non-compliance potentially leading to denied claims. This shift places a tangible financial incentive on companies to improve their CPS security practices, ultimately driving better protection for critical systems.\"}),/*#__PURE__*/e(\"p\",{children:\"These takeaways from BlackHat 2024 provide a clear roadmap for those responsible for securing cyber-physical systems: prioritize resiliency, close existing security gaps, and align with industry standards to mitigate risks in an increasingly complex threat landscape.\"}),/*#__PURE__*/e(\"p\",{children:\"See you next year, and don't bet it all on red.\"})]});export const richText2=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Introduction\"}),/*#__PURE__*/e(\"p\",{children:\"An outdated characteristic of older OT networks is their reliance on flat network architectures, where devices often share the same VLANs or switches without mechanisms to block traffic between them. This design prioritizes simplicity and ease of maintenance over security. Basic network switches in these setups forward traffic based solely on MAC addresses, lacking the intelligence to control or filter data flow. This creates a significant security risk: once an attacker gains access to one device, they can easily move to others, exploiting the absence of segmentation and control. To mitigate this risk, organizations must place systems between the devices or implement measures directly on the devices to block traffic. There is no magic bullet; effective segmentation requires access between endpoints to control and filter traffic.\"}),/*#__PURE__*/t(\"p\",{children:[\"As an IT cybersecurity manager working in an OT facility, you likely recognize the \",/*#__PURE__*/e(n,{href:{pathVariables:{TCDvui9hG:\"what-is-the-point-of-zero-trust-in-access-management\"},unresolvedPathSlugs:{TCDvui9hG:{collectionId:\"QsZaADSSZ\",collectionItemId:\"s_o0pCV5W\"}},webPageId:\"cg8yF79Jt\"},motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"critical importance of securing your network to protect your operations\"})}),\". You understand that your network's architecture, inherited from an era when security was not the primary concern, poses substantial risks. The devices on your network may be co-located on the same VLAN or switch, creating a flat network structure that makes it easy for threats to move laterally once inside. This situation demands immediate attention and a strategic approach to ensure the integrity and safety of your critical infrastructure.\"]}),/*#__PURE__*/e(\"p\",{children:\"The challenge is clear: you need to prevent malicious actors from exploiting the lack of segmentation to move freely between devices. This requires implementing robust network segmentation strategies that introduce barriers within the network, making it difficult for threats to spread. By placing systems between devices or on the devices themselves to block unauthorized traffic, you can create a more secure and resilient network environment.\"}),/*#__PURE__*/e(\"p\",{children:\"In this article, we will explore practical solutions and strategies to help you segment your OT network effectively. We will delve into various techniques such as VLANs, Access Control Lists (ACLs), microsegmentation, and Network Address Translation (NAT). Additionally, we will discuss best practices for maintaining a secure network, including asset inventory, regular audits, continuous monitoring, and adopting a zero trust approach. Our goal is to equip you with the knowledge and tools needed to transform your OT network from a flat, vulnerable structure into a robust, segmented system that enhances security and mitigates risks.\"}),/*#__PURE__*/e(\"h2\",{children:\"Understanding Network Segmentation in Industrial Control Systems\"}),/*#__PURE__*/e(\"p\",{children:\"Network segmentation strategically divides a network into isolated sub-networks, a cornerstone of robust network security practices. Each segment operates independently, containing potential security breaches within confined areas. In OT environments, where compromised infrastructure can have severe consequences, segmentation is essential.\"}),/*#__PURE__*/e(\"p\",{children:\"Network segmentation offers many benefits. Enhanced security stands out, as isolating devices reduces the attack surface and impedes the lateral spread of threats. Segmentation also improves network performance by minimizing broadcast traffic, enhancing overall efficiency. Additionally, segmentation aids in regulatory compliance, ensuring sensitive data remains isolated and protected.\"}),/*#__PURE__*/e(\"h2\",{children:\"Risks of Unsegmented OT Networks\"}),/*#__PURE__*/t(\"p\",{children:[\"Unsegmented networks pose significant risks, especially in OT environments. When devices lack proper segmentation, an attacker who infiltrates one device can \",/*#__PURE__*/e(n,{href:{pathVariables:{TCDvui9hG:\"what-is-the-point-of-zero-trust-in-access-management\"},unresolvedPathSlugs:{TCDvui9hG:{collectionId:\"QsZaADSSZ\",collectionItemId:\"s_o0pCV5W\"}},webPageId:\"cg8yF79Jt\"},motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"traverse the entire network\"})}),\", causing widespread disruption, data breaches, or even physical damage to critical infrastructure. Historical incidents highlight these risks. The Stuxnet worm, for example, exploited inadequate network segmentation to spread and sabotage Iran\u2019s nuclear facilities. Similarly, the Triton/Trisis malware attack targeted industrial safety systems, underscoring the dangers of insufficient segmentation within critical infrastructure.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Techniques for Segmenting OT Devices on the Same Switch\"}),/*#__PURE__*/e(\"p\",{children:\"To mitigate these risks, various techniques can segment OT devices sharing the same network switch:\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Put a smart switch between the assets. All of the solutions below this need this change in order to implement. With OT systems, it is very unlikely you are going to be able to install an agent onto the endpoints to prevent lateral movement. The key, then, is to control the network traffic itself.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Implementing Virtual Local Area Networks (VLANs) effectively separates devices logically on the same physical switch, creating independent networks within the existing infrastructure. This separation allows for precise control over traffic flow and isolation of critical systems. For effective VLAN implementation, thoroughly understand the network architecture, map VLANs meticulously, and ensure diligent VLAN tagging and trunking practices.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Access Control Lists (ACLs) add another layer of network security by defining rules that control network traffic flow. These rules restrict which devices can communicate with each other, enhancing the security of segmented networks. To craft effective ACLs, define precise traffic rules and regularly review and update them to adapt to network changes and emerging threats. Furthermore, microsegmentation provides granular control over network traffic, allowing for segmentation at the individual device level. Leverage technologies like Software-Defined Networking (SDN) to facilitate microsegmentation, enabling dynamic and flexible security policies that respond to evolving network conditions.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Network Address Translation (NAT) complements these techniques by obscuring internal IP addresses, complicating an attacker\u2019s efforts to map and navigate the network. Implement NAT to hide the IP addresses of critical OT devices, significantly bolstering network security by adding an additional layer of obfuscation and complexity for potential intruders.\"})})]}),/*#__PURE__*/e(\"h2\",{children:\"Best Practices for Effective Zero Trust Access & Segmentation\"}),/*#__PURE__*/e(\"p\",{children:\"Effective segmentation requires more than just techniques; adhering to best practices enhances overall network security. Maintain an accurate, up-to-date inventory of all OT assets to understand network components and their roles, crucial for effective segmentation. Regular network audits identify segmentation weaknesses and ensure compliance with security policies. Continuous monitoring detects and responds to segmentation breaches in real time.\"}),/*#__PURE__*/e(\"p\",{children:\"Implement robust access control mechanisms and multi-factor authentication (MFA) to limit access to critical network segments, ensuring only authorized personnel reach sensitive areas. Regularly update and patch devices to address vulnerabilities, as an unpatched device can serve as a gateway for attackers, undermining segmentation efforts.\"}),/*#__PURE__*/e(\"p\",{children:\"Adopt a zero trust approach, assuming no entity\u2014inside or outside the network\u2014holds default trust. This approach requires strict verification for every device and user attempting to access resources, enhancing overall security. Implemented zero trust measures ensure continuous verification of all access requests, reducing the risk of unauthorized access. This model proves particularly beneficial for secure remote access and maintaining a strong network perimeter.\"}),/*#__PURE__*/e(\"h2\",{children:\"Complementary Tools and Solutions\"}),/*#__PURE__*/e(\"p\",{children:\"Advanced tools and solutions can enhance segmentation strategies. Security Information and Event Management (SIEM) systems aggregate and analyze security data across the network, aiding in detecting and responding to threats within segmented environments. Intrusion Detection Systems (IDS) monitor network segments for suspicious activity, providing alerts for potential breaches and enabling swift containment actions. Specialized OT security solutions address the unique challenges of industrial environments, often incorporating features designed for network segmentation and device isolation.\"}),/*#__PURE__*/t(\"p\",{children:[\"For more comprehensive guidelines, refer to the \",/*#__PURE__*/e(n,{href:\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"NIST Guide to Industrial Control Systems (ICS) Security\"})}),\" and the ISA/IEC 62443 Series of Standards. Additionally, the Cybersecurity and Infrastructure Security Agency (CISA) offers relevant articles and tools on network security and critical infrastructure protection.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Managing Legacy Routing Decisions\"}),/*#__PURE__*/e(\"p\",{children:\"Network segmentation is a critical strategy for safeguarding OT networks from cyber threats. Isolating devices on the same network switch prevents lateral movement and contains potential breaches. Employ strategies like VLANs, ACLs, microsegmentation, and NAT, combined with best practices like regular audits, zero trust, and robust access controls to enhance OT network security. As cyber threats evolve, our approaches to network security must also adapt. Regularly evaluating and improving segmentation strategies requires vigilance, expertise, and the right tools. Proactively segmenting OT devices ensures the resilience and reliability of operations in an interconnected world.\"}),/*#__PURE__*/e(\"h3\",{children:\"Additional Resources\"}),/*#__PURE__*/t(\"p\",{children:[\"For further insights, several whitepapers and guides provide additional depth on the subject, including the \",/*#__PURE__*/e(n,{href:\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"NIST Guide to Industrial Control Systems (ICS) Security\"})}),\", the ISA/IEC 62443 Series of Standards, and various papers from the SANS Institute on network segmentation. Industry standards such as the \",/*#__PURE__*/e(n,{href:\"https://www.nist.gov/cyberframework\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"NIST Cybersecurity Framework\"})}),\" and the ISA/IEC 62443 provide comprehensive guidance on managing cybersecurity risks and securing industrial automation and control systems. Engage with OT security consultants and professional associations like the \",/*#__PURE__*/e(n,{href:\"https://www.isa.org/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"International Society of Automation (ISA)\"})}),\" for valuable resources and support in implementing effective network segmentation strategies. By staying informed and proactive, organizations can build robust defenses against cyberattacks, ensuring the ongoing security and stability of their critical operations.\"]})]});export const richText3=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"The original NIS Directive, formally known as Directive (EU) 2016/1148, was the first piece of EU-wide legislation on cybersecurity, adopted in July 2016. It aimed to achieve a high common level of security for network and information systems across the EU. The directive focused on ensuring that member states, key operators of essential services, and digital service providers adopted appropriate security measures and reported significant incidents.\"}),/*#__PURE__*/e(\"h2\",{children:\"Four Major Failings of the Original NIS Directive\"}),/*#__PURE__*/e(\"p\",{children:\"Shortly after the Directive, it soon became evident that certain limitations and challenges prevented it from fully addressing the evolving cyber threat landscape. The law wasn\u2019t expansive enough in who it covered, didn\u2019t require consistent implementation across Europe, and needed reporting obligations so authorities could inspect what they expected.\"}),/*#__PURE__*/e(\"h3\",{children:\"1. Inconsistent Implementation Across Member States\"}),/*#__PURE__*/e(\"ul\",{children:/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Variability in National Approaches:\"}),\" The original NIS Directive allowed member states significant flexibility in its implementation, leading to inconsistent application and varying levels of cybersecurity across the EU. This inconsistency created gaps in the collective security posture of the Union, making some sectors and countries more vulnerable than others.\"]})})}),/*#__PURE__*/e(\"h3\",{children:\"2. Limited Scope and Coverage\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Narrow Definition of Essential Services:\"}),\" The original directive focused primarily on specific essential services such as energy, transport, banking, and health. It did not sufficiently cover a broader range of critical sectors and digital service providers that have since become integral to the EU's economy and society.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Exclusion of Important Entities:\"}),\" Many medium-sized businesses and other entities critical to supply chains and digital infrastructure were not included under the original NIS Directive, leaving significant vulnerabilities unaddressed.\"]})})]}),/*#__PURE__*/e(\"h3\",{children:\"3. Inadequate Incident Reporting and Risk Management\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Insufficient Reporting Obligations:\"}),\" The incident reporting requirements under the original NIS Directive were not comprehensive enough to ensure timely and detailed information sharing. This hindered the ability of authorities and other entities to respond effectively to incidents and prevent further attacks.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Lack of Rigorous Risk Management:\"}),\" The directive did not mandate stringent risk management practices, leaving many organizations without adequate cybersecurity measures and preparedness plans.\"]})})]}),/*#__PURE__*/e(\"h3\",{children:\"4. Need for Enhanced Cooperation and Coordination\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Limited EU-wide Cooperation:\"}),\" The original NIS Directive did not sufficiently promote cooperation and information sharing among member states, relevant authorities, and stakeholders. This lack of coordination impeded the development of a unified and effective response to cyber threats.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Fragmented Certification Standards:\"}),\" There was no comprehensive framework for cybersecurity certification across the EU, leading to a fragmented approach to assessing and ensuring the security of products, services, and processes.\"]})})]}),/*#__PURE__*/e(\"h2\",{children:\"Application to Industry\"}),/*#__PURE__*/e(\"p\",{children:\"The original NIS Directive aimed to enhance the cybersecurity of network and information systems across the European Union. Its implementation had a notable impact on industries relying on operational technology (OT), particularly in the areas of secure remote access, industrial control systems (ICS), and the adoption of zero trust security models.\"}),/*#__PURE__*/e(\"p\",{children:\"The directive pushed industries to strengthen their cybersecurity measures, especially for secure remote access to OT systems. This was crucial as remote access to industrial control systems became more common, enabling maintenance, monitoring, and control from off-site locations. To comply with the directive, many organizations adopted Software Defined-Wide Area Networks (SD-WANs) and Multi-Factor Authentication (MFA) to ensure that remote connections to OT systems were secure and that unauthorized access was prevented. Additionally, secure remote access required enhanced monitoring and logging of all remote access activities, ensuring that any suspicious activity could be detected and responded to promptly, thus reducing the risk of cyberattacks.\"}),/*#__PURE__*/e(\"p\",{children:\"The directive also emphasized the need for robust cybersecurity measures within ICS environments. These systems, which control critical infrastructure and industrial processes, became prime targets for cyber threats, necessitating enhanced security protocols. One significant impact was the increased adoption of network segmentation. By isolating ICS networks from other parts of the corporate network, industries reduced the risk of lateral movement by attackers who might gain access to the broader network. Furthermore, industries were encouraged to conduct regular security assessments and vulnerability management of their ICS, taking a proactive approach to identify and mitigate potential security weaknesses before they could be exploited.\"}),/*#__PURE__*/e(\"p\",{children:\"The NIS Directive led to the broader adoption of zero trust security models within industries using OT. This approach assumes that threats could come from inside or outside the network and that no user or device should be trusted by default. Zero trust principles required continuous verification of every user and device attempting to access OT systems, achieved through rigorous authentication and authorization mechanisms. The directive also encouraged the implementation of micro-segmentation, where OT networks are divided into smaller, isolated segments to limit the potential impact of a security breach. Additionally, the principle of least privilege was applied, ensuring that users and devices only had access to the systems and data necessary for their roles.\"}),/*#__PURE__*/e(\"p\",{children:\"Nevertheless while the original NIS Directive positively impacted industries relying on operational technology by enhancing the security of remote access, strengthening the protection of industrial control systems, and promoting the adoption of zero trust security models, it still had notable shortcomings. These measures did collectively improve the cybersecurity posture of critical infrastructure and industrial processes, making them more resilient to the ever-evolving cyber threat landscape. However, the directive's limitations in scope, inconsistent implementation across member states, and insufficient incident reporting obligations highlighted the need for further improvements.\"}),/*#__PURE__*/e(\"h2\",{children:\"Evolving into the NIS2 Directive\"}),/*#__PURE__*/e(\"p\",{children:\"With these concerns, the European Parliament adopted the NIS2 Directive on November 28, 2022, which came into force on January 16, 2023. The NIS2 Directive tries to address the limitations through several key articles, which we\u2019ll cover in more detail in our next post.\"}),/*#__PURE__*/e(\"p\",{children:\"The original Network and Information Security (\u201CNIS\u201D) Directive marked a significant step towards enhancing cybersecurity across the European Union, but didn\u2019t go far enough with standardization, accountability, and reach. Still, it remains an important opening step in Europe\u2019s progress toward universal cybersecurity standards.\"})]});export const richText4=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Key Points\"})}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"The Dispel Zero Trust Engine remained fully operational during the CrowdStrike outage.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Our platform's continuous verification principle minimizes the risk of breaches and maintains security.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"We have prepared alternatives for customers using the CrowdStrike agent to ensure uninterrupted connectivity.\"})})]}),/*#__PURE__*/e(\"p\",{children:\"This morning, CrowdStrike pushed a software update that impacted many organizations relying on their security services. This incident caused significant disruptions in normal operations for those affected as it caused devices to enter an endless reboot loop and blue screen of death.\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel's Zero Trust Engine continued to operate securely and efficiently throughout the CrowdStrike outage. Our platform's architecture and security protocols ensured that there were no interruptions in service for our clients.\"}),/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Preparedness for CrowdStrike Users\"})}),/*#__PURE__*/e(\"p\",{children:\"For our customers using the CrowdStrike agent on their Virtual Desktop images, our operations team has prepared alternatives to maintain continued connectivity and protection. If you have not already been contacted by your Technical Account Manager, or reached out yourself, please contact our team with any questions or concerns.\"})]});export const richText5=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"In the world of autonomous vehicles, the shift from UHF/VHF communications to 4G connectivity has revolutionized operations\u2014and introduced new risks. This article explores how to implement secure remote access for an autonomous vehicle using the \",/*#__PURE__*/e(n,{href:\"https://dispel.com/products/zero-trust-access\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Dispel Zero Trust Engine\"})}),\", tackling the challenges of real-time remote handling in an internet-connected landscape.\"]}),/*#__PURE__*/e(\"p\",{children:\"Traditional fleet management was about extracting data from vehicles to monitor health and performance. But as vehicles become more autonomous and connected via 4G, they are exposed to the vast and vulnerable terrain of the internet. This shift demands robust cybersecurity measures to protect these advanced systems from exploitation.\"}),/*#__PURE__*/e(\"p\",{children:\"Our mission: retrofit an autonomous vehicle with Dispel's zero trust secure remote access. We'll cover everything from establishing connectivity to ensuring low latency and stringent security. We'll confront real-world challenges and demonstrate practical solutions to protect autonomous vehicles from cyber threats.\"}),/*#__PURE__*/e(\"p\",{children:\"This journey is about more than technology\u2014it's about securing the future of remote operations in an increasingly connected world. Join us as we explore how to safeguard autonomous vehicles, ensuring they operate safely and efficiently in the age of 4G connectivity.\"}),/*#__PURE__*/e(\"h2\",{children:\"Securing autonomous vehicles in the age of 4G\"}),/*#__PURE__*/e(\"p\",{children:\"In this article, we delve into the practical implementation of secure remote access and operations for an autonomous vehicle using the Dispel Zero Trust Engine. This demonstration highlights how real-time remote handling can be effectively managed and the challenges one might encounter during the process.\"}),/*#__PURE__*/e(\"p\",{children:\"Fleet management is traditionally thought of as pulling data from devices, vehicles, endpoints, or other IoT systems (your fleet) that are out in the field. This information covers system health, current conditions, operating time, and performance metrics for predictive maintenance. Data streaming such as this from IoT, OT, IIoT, XIoT and the rest of the connected alphabet soup is quite common and readily done.\"}),/*#__PURE__*/t(\"p\",{children:[\"Remote operation of semi- or fully-autonomous vehicles opens a new focus area, with serious cybersecurity controls. Unmanned systems including ground (UGA), aerial (UAV), and maritime surface (ASV/USV) typically focused on system availability, latency, and responsiveness. Drone cybersecurity is \",/*#__PURE__*/e(n,{href:\"https://usa.kaspersky.com/resource-center/threats/can-drones-be-hacked\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"not\"})}),\" as \",/*#__PURE__*/e(n,{href:\"https://www.blackhat.com/docs/asia-16/materials/asia-16-Rodday-Hacking-A-Professional-Drone.pdf\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"secure\"})}),\" as you might \",/*#__PURE__*/e(n,{href:\"https://ccdcoe.org/uploads/2018/10/Art-13-UAV-Exploitation-A-New-Domain-for-Cyber-Power.pdf\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"hope\"})}),\" or think\u2014unless you've been cybersecurity for long and then this will come as little surprise that R&D went straight to sales.\"]}),/*#__PURE__*/e(\"p\",{children:\"Our purpose then is to show how machine builders and vehicle operators can continue to remotely control their equipment while easily dropping in an IEC 62443/NIST 800-82 OT cybersecurity platform to protect transmission and access.\"}),/*#__PURE__*/e(\"h2\",{children:\"Security challenges of autonomous vehicles\"}),/*#__PURE__*/e(\"p\",{children:\"Autonomous vehicles share the same cybersecurity challenges as any other OT asset, with the added risk that the endpoint can now gain speed and hit things. Typically most drone vendors do not implement a comprehensive NIST 800-53-aligned security control suite onto their systems. At most, you will find they use code signing and data-in-transit encryption.\"}),/*#__PURE__*/t(\"p\",{children:[\"Of the 1007 controls and enhancements in NIST 800-53 Rev 5, data encryption in transit only address four (\",/*#__PURE__*/e(n,{href:\"https://csf.tools/reference/nist-sp-800-53/r5/sc/sc-8/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"SC-8\"})}),\", \",/*#__PURE__*/e(n,{href:\"https://csf.tools/reference/nist-sp-800-53/r5/sc/sc-13/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"SC-13\"})}),\", \",/*#__PURE__*/e(n,{href:\"https://csf.tools/reference/nist-sp-800-53/r5/ac/ac-17/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"AC-17\"})}),\", and \",/*#__PURE__*/e(n,{href:\"https://csf.tools/reference/nist-sp-800-53/r5/ac/ac-18/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"AC-18\"})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"With drone using 4G LTE connectivity, the attack surface of the device is no longer limited to the realm of relatively near-field UHF concerns. A drone becomes any other IoT asset and should require the same protective controls any other OT device needs under NIST 800-82 or IEC 62443. Welcome to the whole internet.\"}),/*#__PURE__*/e(\"h2\",{children:\"Implementing Dispel Zero Trust\"}),/*#__PURE__*/e(\"p\",{children:\"We wanted to see if we could retro-fit an autonomous vehicle with Dispel zero trust secure remote access.\"}),/*#__PURE__*/e(\"h3\",{children:\"Our platform\"}),/*#__PURE__*/e(\"p\",{children:\"The team at Dispel labs decided to go with a LY-DG01 remote control lawn mower for two primary reasons:\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"The system is easily modded, meaning experimenting would be easier than a more delicate platform.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"It was more rugged allowing for outdoor operations and maneuver in more realistic operating environments.\"})})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"em\",{children:\"Taking delivery of our LY-DG01\"})}),/*#__PURE__*/e(\"video\",{autoPlay:!0,className:\"framer-image\",loop:!0,muted:!0,playsInline:!0,src:\"https://framerusercontent.com/assets/2toVPIUDL0VmU7QMsqsXny2Ks.mp4\"}),/*#__PURE__*/e(\"h3\",{children:\"Establishing Connectivity & Latency\"}),/*#__PURE__*/t(\"p\",{children:[\"Connectivity to LY-DG01 (LY for short) was straightforward. A 4G router and chip established traffic to the onboard switch. Using a Dispel \",/*#__PURE__*/e(n,{href:{webPageId:\"oEuuvgjFx\"},motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Wicket ESI\"})}),\", we set up a Layer 2 overlay network from LY to our lab's regional SD-WAN.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Low latency in remote operations is crucial. Ping times matter more when you could be driving off a cliff. As with all OT assets, security functions should stay as close to the asset as possible for just this reason. In the case of our LY, the gas-powered drone-tank would require real-time handling.\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Key Points:\"})}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Low latency is crucial for remote operations, especially to prevent accidents.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"We placed the Dispel Region in our US-East availability zone to minimize ping times.\"})})]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"br\",{}),\"To minimize latency, we put the Dispel Region in our US-East availability zone. With over 30 availability zone around the world, Dispel Region SD-WANs allow us to keep networks as close as possible to the assets they're connecting to to minimize ping times.\"]}),/*#__PURE__*/e(\"p\",{children:\"With the handshake between the Wicket ESI and the Region established, we loaded LY into the Dispel Dashboard, assigning an IP address, subnet, port and protocol rules, and setting up the access control list (ACL) rules for remote connection.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"em\",{children:\"Adding our drone to the Dispel Dashboard\"})}),/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"973\",src:\"https://framerusercontent.com/images/ibbyZiSsfzFn4Sxi5fJddB9HU.png\",srcSet:\"https://framerusercontent.com/images/ibbyZiSsfzFn4Sxi5fJddB9HU.png?scale-down-to=1024 532w,https://framerusercontent.com/images/ibbyZiSsfzFn4Sxi5fJddB9HU.png 1012w\",style:{aspectRatio:\"1012 / 1946\"},width:\"506\"}),/*#__PURE__*/e(\"h2\",{children:\"Success and Remote Operation\"}),/*#__PURE__*/e(\"p\",{children:\"With the LY-DG01 uplink established and registered, we achieved secure remote access and operation. Our logging, monitoring, access windows, and user controls were in place, preventing unauthorized access.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Key Points:\"})}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"The Wicket ESI controls all north-south connectivity, ensuring robust security.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"The LY-DG01 demonstrated precise remote handling despite our limited driving experience.\"})})]}),/*#__PURE__*/e(\"video\",{autoPlay:!0,className:\"framer-image\",loop:!0,muted:!0,playsInline:!0,src:\"https://framerusercontent.com/assets/AGqG6GTLs7p3YdM07bPXTKk6iQ.mp4\"}),/*#__PURE__*/e(\"h2\",{children:\"Takeaways and real-world implications\"}),/*#__PURE__*/e(\"p\",{children:\"Drone and other autonomous vehicle manufacturers can and should implement zero trust access principles into their equipment for both trust and safety.\"}),/*#__PURE__*/e(\"p\",{children:\"When we began researching this project we found most drone buyers are not typically OT operators and IT managers but rather the end users or equipment procurement. Even through drones connect into IT and OT systems, they're often not be categorized as an IT endpoint or OT asset and therefore fall between the cybersecurity control requirements imposed by both departments. This shows in the cybersecurity literature and measures taken by drone vendors in general.\"}),/*#__PURE__*/e(\"p\",{children:\"Installing our Wicket and a 4G router, and connecting the LY-DG01 to Dispel ZTNA was a straightforward process like any other OT asset. From our experience here, retrofitting existing fleets for data streaming, remote maintenance, and operation can be done in short order with minimal lift.\"}),/*#__PURE__*/e(\"h3\",{children:\"Practical Recommendations for Manufacturers\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Adopt Comprehensive Security Controls\"}),\": Implement a comprehensive security control suite aligned with standards such as NIST 800-53 and IEC 62443. This includes data encryption, access controls, and regular security audits.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Integrate Zero Trust Principles\"}),\": Ensure that all communication and control channels adhere to zero trust principles. This minimizes the risk of unauthorized access and potential cyber-attacks.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Educate and Train Users\"}),\": Provide training and resources to end users and procurement teams about the importance of cybersecurity and how to implement best practices in their operations.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Collaborate with Cybersecurity Experts\"}),\": Work with cybersecurity experts to design and implement robust security measures tailored to the specific needs of autonomous vehicles.\"]})})]}),/*#__PURE__*/e(\"p\",{children:\"Retrofitting existing fleets for data streaming, remote maintenance, and operation with secure access can be done efficiently. Integrating platforms like the Dispel Zero Trust Engine provides a robust solution to ensure both operational efficiency and cybersecurity. By following these best practices, manufacturers and operators can enhance the safety and reliability of autonomous vehicles in real-world applications.\"}),/*#__PURE__*/e(\"p\",{children:\"In the rapidly evolving landscape of autonomous vehicle technology, prioritizing cybersecurity is not just an option\u2014it\u2019s a necessity. Through our demonstration, we hope to inspire industry stakeholders to adopt secure remote access solutions and safeguard their operations against potential threats.\"})]});export const richText6=/*#__PURE__*/e(s.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Take the First Step Toward Zero Trust Access - \"}),\"Ready to simplify access to your cyber-physical systems? \",/*#__PURE__*/e(n,{href:\"https://dispel.com/contact-us\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Get in touch with our team\"})}),\" today or \",/*#__PURE__*/e(n,{href:\"https://dispel.com/book\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"book a demo\"})}),\" to see the Dispel Zero Trust Engine in action!\\xa0\"]})});export const richText7=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"TOKYO, June 17, 2024 -\"}),\"  Dispel, a leading provider of secure remote access for industrial control systems, won \",/*#__PURE__*/e(\"strong\",{children:\"\u201CBest in Show\u201D\"}),\" at Interop Tokyo 2024, presented by their partner \",/*#__PURE__*/e(n,{href:\"https://www.techmatrix.co.jp/product/dispel/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"TechMatrix\"})}),\". The award recognizes Dispel\u2019s zero trust platform providing extensive control, visibility, and response capabilities for IT, OT, XIoT, IIoT and cyber-physical systems through the company\u2019s zero trust \",/*#__PURE__*/e(n,{href:\"https://dispel.com/products/zero-trust-access\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Secure Remote Access platform\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"The \u201CBest of Show\u201D awards receive hundreds of nominations from across the industry. Awards are decided by a committee of leading industry experts from academic, government, and corporate backgrounds. Interop Tokyo is one of the largest technology and computing trade shows in Asia, showcasing technology exhibitors from markets including marketing, business, communications, industrials, and cybersecurity. Dispel won Best in Show, Special Prize in Industrial Networks.\"}),/*#__PURE__*/t(\"p\",{children:[\"Working with \",/*#__PURE__*/e(n,{href:\"https://www.techmatrix.co.jp/product/dispel/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"TechMatrix\"})}),\", a Dispel Japanese partner, the team showcased Dispel\u2019s IEC 62443 and NIST 800-82-aligned capabilities to provide easy and secure remote access to critical infrastructure and operational technology, and securely stream data to and from cloud and on-premises systems. Dispel integrates with a variety of complementary products and services, maximizing the value companies get from all the tools in their cybersecurity stack and simplifying day-to-day operations.\"]}),/*#__PURE__*/t(\"p\",{children:[\"\u201CWe are honored to have been awarded \",/*#__PURE__*/e(\"em\",{children:\"Best in Show\"}),\". Interop\u2019s recognition showcases the strength and importance of our channel partners, and the valued work TechMatrix performs in Japan,\u201D said Ethan Schmertzler, CEO of Dispel. \u201CSecure Remote Access to industrial control systems remains a critical efficiency and cybersecurity need for all manufacturing companies, government agencies, and utilities.\u201D\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"Award-Winning Dispel Secure Remote Access Highlights:\"})}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Secure remote access for operators, third-parties, and vendors.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Network segmentation and encrypted data streaming from local assets to cloud and on-premises infrastructure.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Full audit, session recording, logging, and SIEM/SOC integrations.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Privileged access management including SSO, MFA, vendor-self onboarding, and password vaulting.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Virtual desktop workstations as a service so remote users can access the tools they need during sessions and work together.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Asset management for IT and OT devices, including IP, make, model information, and asset discovery integrations.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Extensive platform integrations to IAM/PAM, detection, service management, SIEM, XDR, and on-premises and cloud infrastructure.\"})})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"About Dispel\"})}),/*#__PURE__*/t(\"p\",{children:[\"Dispel is a leading provider of zero trust remote access, data streaming, and DMZ unification for industrial control systems. Founded in 2015, Dispel serves clients representing roughly half a trillion dollars in annual manufactured output worldwide. For more information, please visit\\xa0\",/*#__PURE__*/e(n,{href:\"https://stats.nwe.io/x/html?final=aHR0cDovL3d3dy5kaXNwZWwuY29tLw&sig=YQr1wKa9BpIEnYooFiQf_7-gOY7kswbhqWgU4dNwIcddVR-wNyq6AZ6PK9Uw1ln5CuWLs8riwUswP3qbpHs7Bg&hit%2Csum=WyI0Ynh2ZjkiLCI0Ynh2ZmEiLCI0Ynh2ZmIiXQ\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"www.dispel.com\"})}),\".\"]})]});export const richText8=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"NEW YORK, May 24, 2024\"}),\" - Dispel is pleased to announce the Board's appointment of Anton Aberg to the position of Chief Product Officer (CPO). Anton has been an integral part of Dispel's journey since its early beginnings, and his elevation to CPO reflects his exceptional leadership, dedication, and contribution to the company's success as a leading provider of zero trust remote access, data streaming, managed attribution, and DMZ unification for industrial control systems.\"]}),/*#__PURE__*/e(\"p\",{children:\"As an early member of Dispel, Anton played a pivotal role in shaping the platform from the ground up. He worked closely with the C-suite and co-founders and helped develop and refine Dispel's secure communications product. Anton's promotion comes with the creation of a growing Product team at Dispel, with his role including oversight over Dispel's talented product managers and designers.\"}),/*#__PURE__*/e(\"p\",{children:'\"We\\'ve watched as Anton has taken lead on new features and led new product managers as they\\'ve joined the team with passion and tenacity,\" says Ethan Schmertzler, CEO. \"His promotion has been a long time coming, and we\\'re so excited to see what more Anton will bring with his unparalleled expertise in Dispel and as we head into a new stage of growth. A well-deserved congratulations, Anton.\"'}),/*#__PURE__*/e(\"p\",{children:\"In his new role as Chief Product Officer, Anton will continue to drive Dispel's product strategy, ensuring cohesive, consistent and industry-leading solutions that delight customers and drive growth.\"}),/*#__PURE__*/e(\"p\",{children:\"Prior to joining Dispel, Anton served as the Head of Design at TripleMint, a leading real estate technology company. He developed internal tooling for agents and teams, as well as spearheading various design initiatives to enhance visual branding and user experience. Anton holds a BBA (Bachelor's Business Administration degree) from the University of Hawai\u02BBi at M\u0101noa, having taken an exciting opportunity to study at the National University of Singapore during his last semester.\"})]});export const richText9=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"h3\",{children:\"EPA Increasing Audit & Enforcement of Cybersecurity Rules\"}),/*#__PURE__*/t(\"p\",{children:[\"The Environmental Protection Agency (EPA) has recently issued an \",/*#__PURE__*/e(n,{href:\"https://www.epa.gov/enforcement/enforcement-alert-drinking-water-systems-address-cybersecurity-vulnerabilities\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Enforcement Alert\"})}),\" stressing the critical need for drinking water systems to immediately bolster their cybersecurity defenses. As cyberattacks on critical infrastructure, including community water systems (CWSs), become more frequent and sophisticated, the potential consequences for public health and safety have grown significantly. A successful cyberattack could disrupt water treatment and distribution processes, potentially leading to the contamination of water supplies and posing severe risks to communities.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), and the Environmental Protection Agency (EPA), have issued multiple warnings about cyber threats targeting water and wastewater systems. Nation-state actors such as the \",/*#__PURE__*/e(n,{href:\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Iranian Government Islamic Revolutionary Guard Corps\"})}),\" (IRGC), \",/*#__PURE__*/e(n,{href:\"https://www.cisa.gov/resources-tools/resources/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activity\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Russian state-sponsored entities\"})}),\", and \",/*#__PURE__*/e(n,{href:\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"People\u2019s Republic of China (PRC) state-sponsored cyber actors\"})}),\", including Volt Typhoon and Vanguard Panda, have been implicated. These adversaries have disrupted water systems and may have embedded capabilities to disable them in the future.\"]}),/*#__PURE__*/t(\"p\",{children:[\"To combat these threats, the EPA has outlined several key actions that drinking water systems should implement immediately. These actions include reducing the exposure of critical systems to the internet, conducting regular and thorough cybersecurity assessments, and developing comprehensive incident response plans. Beyond criminal and civil enforcement actions for failures to comply, the EPA, CISA, and FBI strongly recommend system operators take steps outlined in the \",/*#__PURE__*/e(n,{href:\"https://www.cisa.gov/news-events/alerts/2024/02/23/updated-top-cyber-actions-securing-water-systems\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"em\",{children:\"Top Actions for Securing Water Systems\"})})}),\", which include:\"]}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Reduce exposure to public-facing internet.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Conduct regular cybersecurity assessments.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Change default passwords immediately.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Conduct an inventory of OT/IT assets.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Develop and exercise cybersecurity incident response and recovery plans.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Backup OT/IT systems.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Reduce exposure to vulnerabilities.\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Conduct cybersecurity awareness training.\"})})]}),/*#__PURE__*/e(\"h3\",{children:\"Violations and enforcement\"}),/*#__PURE__*/t(\"p\",{children:[\"Since September 2023, \",/*#__PURE__*/e(n,{href:\"https://www.epa.gov/enforcement/enforcement-alert-drinking-water-systems-address-cybersecurity-vulnerabilities\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"over 70%\"})}),\" of systems inspected by the EPA have violated basic SDWA 1433 requirements, missing critical sections in their Risk and Resilience Assessments (RRA) and Emergency Response Plans (ERP). Inspectors found significant cybersecurity vulnerabilities, such as unchanged default passwords, shared logins, and access retained by former employees. Inadequate RRAs and ERPs often lacked assessments of system resilience and strategies for cybersecurity improvements. These violations compromise operational safety and compliance.\"]}),/*#__PURE__*/t(\"p\",{children:[\"As part of the EPA\u2019s multi-year National Enforcement and Compliance Initiative\u2014\",/*#__PURE__*/e(n,{href:\"https://www.epa.gov/enforcement/national-enforcement-and-compliance-initiative-increasing-compliance-drinking-water\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Increasing Compliance with Drinking Water Standards\"})}),\"\u2014inspectors are intensifying checks on CWS compliance with SDWA Section 1433. Given the identified vulnerabilities and recent cyberattacks the EPA has signaled it intends to increase cybersecurity-focused inspections and has stated that if vulnerabilities pose imminent risks to public health, enforcement actions under SDWA Section 1431 may be necessary to mitigate these dangers.\"]}),/*#__PURE__*/e(\"h3\",{children:\"Requirements Under Section 1433 of the Safe Drinking Water Act\"}),/*#__PURE__*/e(\"p\",{children:\"Section 1433 of the Safe Drinking Water Act requires community water systems serving over 3,300 people to conduct Risk and Resilience Assessments (RRAs), develop Emergency Response Plans (ERPs), and certify their completion to the EPA. Additionally, systems must review their RRA and ERP every five years, revise them if necessary, and certify completion of these steps to EPA. These assessments must address natural hazards, malevolent acts (including cyberattacks), and resilience strategies. The emergency response plans must detail strategies for responding to the identified risks and ensuring the continuity of water services during and after an incident. This regulatory framework aims to ensure that water systems are well-prepared to handle various threats, safeguarding public health and water supply reliability.\"}),/*#__PURE__*/e(\"h3\",{children:\"How Dispel Helps CWSs Achieve Section 1433 Compliance and Process Efficiency\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel's Zero Trust Engine offers Secure Remote Access and Continuous Threat Detection designed to address the requirements of the water sector. Here\u2019s how:\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Reducing Internet Exposure\"})}),/*#__PURE__*/e(\"p\",{children:\"Dispel's Secure Remote Access provides a secure, encrypted connection for remote access to critical water system controls and implements a zero trust set of controls around and in the perimeter. By using Dispel's technology, water systems can minimize their exposure to the internet, significantly reducing the risk of unauthorized access and cyberattacks and aligns with the EPA's recommendation to limit internet exposure to essential systems.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})})]}),/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Regular Cybersecurity Assessments\"})}),/*#__PURE__*/e(\"p\",{children:\"Dispel's Continuous Threat Detection continuously monitors the zero trust network for any signs of malicious behavior or vulnerabilities. This real-time monitoring ensures that any potential threats are identified and addressed promptly, enabling water systems to maintain a robust cybersecurity posture. This proactive approach supports the EPA's call for regular cybersecurity assessments and ongoing vigilance against potential threats. Monitoring and response are a pillar of assessments by providing testing and response pieces of assessments.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})})]}),/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Change default passwords\"})}),/*#__PURE__*/e(\"p\",{children:\"Dispel password vaulting allows operators to use unique logins for all assets inside their networks immediately, and supports authenticator cycling on supported assets. Dispel allows operators to connect to IT and OT assets without needing to know the credentials to the target system, so long as they are in an approved session.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})})]}),/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Conduct an inventory of OT/IT assets\"})}),/*#__PURE__*/t(\"p\",{children:[\"Dispel asset inventory systems both allow for manual inventorying as well as \",/*#__PURE__*/e(n,{href:{hash:\":kwC5tc6Cu\",webPageId:\"WlGEkgU4w\"},motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"integrations \"})}),\"for automated inventorying of cyber physical systems. These then allow granular per-user, port, and protocol enforcement of access control rules.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})})]}),/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Comprehensive Incident Response Plans\"})}),/*#__PURE__*/e(\"p\",{children:\"In the event of a cybersecurity incident, having a well-defined response plan is crucial. Dispel's solutions include features that facilitate quick identification, isolation, and mitigation of cyber threats. The ability to rapidly respond to incidents helps water systems minimize downtime and mitigate the impact of any potential cyberattacks, fulfilling the EPA's requirement for robust incident response planning.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})})]}),/*#__PURE__*/t(\"li\",{\"data-preset-tag\":\"h4\",children:[/*#__PURE__*/e(\"h4\",{children:/*#__PURE__*/e(\"strong\",{children:\"Compliance with the Safe Drinking Water Act\"})}),/*#__PURE__*/e(\"p\",{children:\"By integrating Dispel's Secure Remote Access and Continuous Threat Detection into their operations, water systems can ensure compliance with Section 1433 of the Safe Drinking Water Act. These tools help in conducting risk and resilience assessments and developing emergency response strategies that are essential for protecting public health and ensuring the continuous supply of safe drinking water.\"})]})]}),/*#__PURE__*/e(\"h2\",{children:\"Where to go from here to get compliant\"}),/*#__PURE__*/e(\"p\",{children:\"The EPA's recent enforcement alert underscores the importance of cybersecurity in protecting our nation's drinking water systems. By adopting advanced cybersecurity solutions like those offered by Dispel, water systems can significantly enhance their defenses against cyber threats. Secure Remote Access and Continuous Threat Detection provide the necessary tools to reduce internet exposure, perform regular assessments, and ensure rapid response to incidents, aligning with the EPA's stringent requirements. Ensuring the safety and reliability of drinking water infrastructure is paramount, and Dispel's solutions offer a comprehensive approach to achieving this goal.\"})]});export const richText10=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"NEW YORK, May 16, 2024 - \"}),\"Dispel today announced its Board of Directors appointed Dean Macris as the company\u2019s Chief Information Security Officer (CISO). In this role, Dean shall be responsible for Dispel\u2019s corporate and product alignment with NIST 800-53, NIST 800-171, NIST 800-172, NERC CIP, IEC 62443, SOC 2, and ISO 27001.\"]}),/*#__PURE__*/e(\"p\",{children:\"\u201CGiven the environments our systems are being asked to operate in, we needed someone who recognized cybersecurity was not only a programming and process problem, but also an electromagnetic problem,\u201D said Chris DiLorenzo, Dispel\u2019s CTO. \u201CDean has that firsthand knowledge.\u201D\"}),/*#__PURE__*/e(\"p\",{children:\"Dean brings extensive cybersecurity experience to Dispel in both operational technology and information technology. His previous responsibilities include serving as the Theater Operations Officer of U.S. Forces Korea; Cyber Technical Director for Naval Special Warfare; managing General Dynamics Electric Boat company\u2019s Signature Secret Network, their largest classified information system; and teaching as an instructor of Cyber Systems at the United States Coast Guard Academy, where he led the development of the Seagoing Vessel Testbed (SVT) for Industrial Controls that sits in the Control Environment Laboratory Resource (CELR). Dean continues his service as a Lieutenant Commander in the U.S. Navy.\"}),/*#__PURE__*/e(\"p\",{children:\"Dean\u2019s responsibilities shall include contributing to engineering and product design throughout the system lifecycle. \u201CWe wanted someone who would work to meet the spirit, as well as the letter, of cybersecurity standards,\u201D said Ian Schmertzler, Dispel\u2019s President and Co-founder. \u201CThat is not only the right thing to do, but also a competitive differentiator in our markets.\u201D\"}),/*#__PURE__*/e(\"p\",{children:\"Dean holds a BS in Systems Engineering from the U.S. Merchant Marine Academy and an MBA from the University of Connecticut. Continuing his studies, Dean is a National Security and Strategic Studies Master\u2019s student at the U.S. Naval War College and a Computer Engineering PhD student at the University of Rhode Island.\"})]});export const richText11=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"NEW YORK, March 1, 2024 -\\xa0Dispel and Mitsubishi Electric Corporation (TOKYO: 6503) today announced an agreement to expand their Operational Technology (OT) security businesses through marketing and technical development.\"}),/*#__PURE__*/t(\"p\",{children:[\"Based on this agreement, \",/*#__PURE__*/e(n,{href:\"https://us.mitsubishielectric.com/fa/en/news-and-events/2024/march/dispel-launch/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Mitsubishi Electric will integrate\"})}),\" its factory-automation (FA) equipment and OT security solutions with Dispel's secure remote-access technology to provide a Zero Trust Remote Access Service that enables comprehensive monitoring and control of industrial processes. For Mitsubishi Electric, the goal is to accelerate digital manufacturing by enabling secure data utilization throughout the entire product lifecycle \u2014 from design and installation to operation and maintenance \u2014 thereby strengthening the company's Circular Digital-Engineering business.\"]}),/*#__PURE__*/e(\"p\",{children:'\"At Mitsubishi Electric, we are creating new value in OT security by combining our OT technology and expertise in manufacturing with information-system security technologies from leading security vendors,\" said Kunihiko Kaga, Mitsubishi Electric\\'s Representative Executive Officer and Industry and Mobility Business Area Owner. \"Through our collaboration with Dispel, we expect to contribute to OT security and society as a whole by providing secure environments for remote maintenance.\"'}),/*#__PURE__*/e(\"p\",{children:'\"What matters to industrial customers is uptime, availability, and crew safety,\" said Ian Schmertzler, President of Dispel. \"Cyber security should not be something they need to worry about, but the shifting regulatory and threat landscape has made it impossible to ignore. By providing a Zero Trust Access platform aligned with NIST 800-53 to their customer base, Mitsubishi Electric is making it possible for their clients to refocus on what matters.\"'}),/*#__PURE__*/e(\"p\",{children:\"Dispel \u2014 recognized for its work in critical sectors including oil & gas, manufacturing, food & beverage production, utilities, automotive, and defense \u2014 develops end-to-end, Moving Target Defense-based OT network solutions focused on enabling rigorous access control and sustained asset visibility. Dispel\u2019s approach provides significant security and operational efficiency advantages over legacy VPN and proxy solutions through automation, standards alignment, and integrations with industry peers.\\xa0\"}),/*#__PURE__*/e(\"p\",{children:\"With over 20 million hours of safe operation, Dispel\u2019s Zero Trust Remote Access platform goes beyond traditional solutions to provide the comprehensive suite of features needed in high-value operational technology settings, such as password vaulting, privileged access management, session recording, vendor self-management, just-in-time access, and endpoint isolation.\"}),/*#__PURE__*/e(\"p\",{children:\"This partnership signifies a determined, shared commitment by Dispel and Mitsubishi Electric Corporation to extend OT cybersecurity capabilities, offering secure, efficient, and resilient operational solutions to the entire industrial consumer base.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"About Dispel\"})}),/*#__PURE__*/t(\"p\",{children:[\"Dispel is a leading provider of zero trust remote access and moving target defense networks. Founded in 2015, with offices in New York, Austin, Washington, D.C., and Tokyo, Dispel serves industrial and defense clients worldwide, protecting over $280 billion of manufacturing and the utilities covering over 47 million people each year. Dispel\u2019s secure remote access, data streaming, and asset visibility platform enhances cybersecurity and efficiency capabilities for operational technology in a variety of industrial and military applications. For more information, please visit \",/*#__PURE__*/e(n,{href:\"https://dispel.com/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"www.dispel.com\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"About Mitsubishi Electric Corporation\\xa0\"})}),/*#__PURE__*/t(\"p\",{children:[\"With more than 100 years of experience in providing reliable, high-quality products, Mitsubishi Electric Corporation (TOKYO: 6503) is a recognized world leader in the manufacture, marketing and sales of electrical and electronic equipment used in information processing and communications, space development and satellite communications, consumer electronics, industrial technology, energy, transportation and building equipment. Mitsubishi Electric enriches society with technology in the spirit of its \u201CChanges for the Better.\u201D The company recorded a revenue of 5,003.6 billion yen (U.S.$ 37.3 billion*) in the fiscal year ended March 31, 2023. For more information, please visit \",/*#__PURE__*/e(n,{href:\"https://www.mitsubishielectric.com/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"www.MitsubishiElectric.com\"})}),\".\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"em\",{children:\"*U.S. dollar amounts are translated from yen at the rate of \\xa5134=U.S.$1, the approximate rate on the Tokyo Foreign Exchange Market on March 31, 2023 \\xa0\"})]})]});export const richText12=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Dispel Device Posture Checking helps ensure that if a device isn't secure, it can't connect to your infrastructure. \"})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Posture Checking is an advanced feature integrated within the Dispel Application, designed to scrutinize the security status of remote endpoint attempting to connect to your network. This feature is not just a gatekeeper but also an enforcer of security protocols, aligning devices cybersecurity policies.\"})}),/*#__PURE__*/e(\"p\",{children:\"Dispel Posture Checking is part of Dispel's proactive security measures designed to stop breaches before they happen by integrating controls into everyday remote access actions.\"}),/*#__PURE__*/e(\"h2\",{children:\"Key Features\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Multi-Platform Compatibility:\"}),\" Dispel\u2019s Posture Checking is supported natively in our Mac and Windows apps. Posture Checking deploys with all installations minimizing IT complexity for secure remote access.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Policy Enforcement:\"}),\" Posture Checking enforces predefined rules, like specific operating system requirements, to validate the security hygiene of a device before allowing remote access to your industrial control systems.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Automatic Access Denial:\"}),\" In cases where a device's security posture fails to meet the established criteria, access is automatically denied. This holds true even for devices belonging to known employees, so you're never exposed.\"]})})]}),/*#__PURE__*/e(\"h2\",{children:\"What is Posture Checking?\"}),/*#__PURE__*/e(\"p\",{children:\"Posture checking refers to the process of evaluating and verifying the security status of a device before it accesses a network. This involves checking whether the device adheres to a set of predefined security standards, such as up-to-date antivirus software, operating system patches, and compliance with specific security policies.\"}),/*#__PURE__*/e(\"h2\",{children:\"Why is Posture Checking Important?\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Preventing Unauthorized Access:\"}),\" Ensures that only devices meeting strict security criteria can access the network, reducing the risk of cyber threats.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Compliance with Regulations:\"}),\" Many industries are governed by stringent data security regulations. Posture checking helps in maintaining compliance and avoiding potential legal penalties.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Maintaining Network Integrity:\"}),\" By allowing only secure devices on the network, the overall integrity and reliability of the network are preserved.\"]})})]}),/*#__PURE__*/e(\"p\",{children:\"For sectors like manufacturing, utilities, and government, where operational technology (OT) systems are critical, the integration of Dispel's Device Posture Checking is particularly beneficial. It ensures that the devices interacting with industrial control systems are vetted for security compliance, helping safeguard against potential cyber threats that could disrupt operations or compromise sensitive information.\"}),/*#__PURE__*/e(\"h3\",{children:\"Pre-Flight Checks\"}),/*#__PURE__*/e(\"p\",{children:\"Before a remote access session begins, the endpoint's security posture is verified and then continuously monitored. Any changes or deviations from the set security standards can trigger automatic re-assessment or disconnection.\"}),/*#__PURE__*/e(\"h3\",{children:\"Seamless Integration\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel Posture Checking comes embedded in our Mac and Windows applications. You can deploy our apps from the Apple App Store or through your MDM service for simple enterprise-wide distribution.\"}),/*#__PURE__*/e(\"h3\",{children:\"Gain Fleet Visibility\"}),/*#__PURE__*/e(\"p\",{children:\"While Dispel recommends isolating untrusted endpoints into disposable Virtual Desktops for clean sessions, apps are convenient ways for trusted devices within your fleet to make SD-WAN-based secure remote access connections to operational technology, SCADA systems, and industrial control systems. Posture Checking supports your fleet visibility efforts by enforcing perimeter security rules on every device before allowing a connection to be established.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Dispel\u2019s Device Posture Checking is more than just a security feature; it\u2019s an essential component of a modern cybersecurity strategy. By understanding the concept of posture checking and its significance, and then implementing Dispel\u2019s advanced solution, organizations can significantly elevate their defense against digital threats, ensure compliance, and maintain the integrity of their network systems.\"})})]});export const richText13=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Dispel's latest addition to its Zero Trust Access solutions, Dispel Vault, offers a robust, secure, and transparent method for managing and securing credentials to critical systems. This blog post examines the innovative features of Dispel Vault and their significance for organizations in sectors such as manufacturing, utilities, building management, and government who are implementing secure remote access to their industrial control systems (ICS) and operational technology (OT).\"})}),/*#__PURE__*/e(\"h2\",{children:\"The Risks of Sharing End-Device Password Credentials\"}),/*#__PURE__*/e(\"p\",{children:\"Sharing end-device password credentials with users presents several security and operational challenges. Firstly, the process of distributing these credentials to new or existing users is not only inconvenient but also prone to errors. It often involves insecure methods of transmission, such as email or messaging, which can be intercepted by unauthorized parties. Furthermore, the more individuals who have access to these credentials, the higher the risk of accidental or intentional knowledge spillage, potentially leading to security breaches. Additionally, managing and tracking who has access to what credentials can become cumbersome and error-prone, especially in large or rapidly changing environments.\"}),/*#__PURE__*/e(\"h2\",{children:\"Secure Credential Storage\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel Vault introduces a centralized and secure credential storage system. Users can access devices without direct exposure to specific credentials, as these are securely and automatically applied during session initiation. This reduces the risk of credential exposure and simplifies the overall access management.\"}),/*#__PURE__*/e(\"h2\",{children:\"No Sharing Passwords\"}),/*#__PURE__*/e(\"p\",{children:\"A key principle of Dispel Vault is the elimination of password sharing among team members. By providing a system where passwords are centrally managed and not exposed to users, it significantly reduces the risks associated with credential transmission and knowledge spillage. This approach not only bolsters security but also streamlines the access process.\"}),/*#__PURE__*/e(\"h2\",{children:\"Dynamic Password Rotation\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel Vault offers dynamic password rotation for devices that support this feature. This mechanism automatically changes device passwords at set intervals, further securing access points against attacks targeting static passwords. While this feature's applicability depends on the device's capability, it represents an important step in enhancing security for compatible systems.\"}),/*#__PURE__*/e(\"h2\",{children:\"Implementing Dispel Vault for Your Organization\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Dispel Vault represents a significant advancement in secure remote access for operational technology and SCADA environments. By offering secure credential storage, eliminating password sharing, and supporting dynamic password rotation, Dispel Vault aligns with the principles of zero trust access, providing a more secure and efficient method for managing access to critical systems.\"})})]});export const richText14=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"In the time-sensitive world of Operational Technology (OT), professionals face the challenge of managing multiple systems efficiently and securely from a single pane of glass even when they're not at their main factory or plant operations room. Dispel's Zero Trust Access with multi-monitor viewing emerges as a revolutionary solution, transforming how OT environments are monitored and managed. This innovative feature not only enhances operational efficiency but also integrates critical audio alerts and supports diverse client needs, making it an indispensable tool for today's complex industrial landscapes. Discover how Dispel's cutting-edge technology is redefining the standards of operational management and security, and why it is becoming the go-to choice for industry leaders.\"})}),/*#__PURE__*/e(\"h1\",{style:{\"--framer-font-size\":\"20px\"},children:\"Key Benefits of Dispel's Multi-Monitor Viewing\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"16px\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{style:{\"--framer-font-size\":\"16px\"},children:[/*#__PURE__*/e(\"strong\",{children:\"Enhanced Operational Efficiency\"}),\": Streamlines programming and debugging across different systems, allowing OT personnel to manage multiple tasks simultaneously.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Comprehensive Situational Awareness\"}),\": Provides real-time visual access to various systems, enabling better decision-making and quicker response to issues.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Audio Passthrough Feature\"}),\": Ensures critical alarms and notifications are heard, enhancing safety and operational responsiveness.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Multi-Client Support for MSSPs\"}),\": Enables Managed Security Service Providers to efficiently monitor and manage multiple clients\u2019 systems from a unified interface.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{style:{\"--framer-font-size\":\"16px\"},children:[/*#__PURE__*/e(\"strong\",{children:\"Seamless Integration into OT Environments\"}),\": Designed to fit into existing workflows with minimal disruption, making it an ideal solution for diverse operational settings.\"]})})]}),/*#__PURE__*/e(\"h2\",{children:\"Addressing OT Challenges with Advanced Viewing Capabilities\"}),/*#__PURE__*/e(\"p\",{children:\"In the realm of Operational Technology (OT), professionals often grapple with the complexity of programming, debugging, and monitoring across disparate systems. This process can be cumbersome, especially when each system requires dedicated attention and screen space. Dispel's Zero Trust Access solution addresses this challenge head-on with its multi-monitor viewing feature. This capability allows OT personnel to have multiple remote systems displayed in real time across several desktop monitors. This is not just a convenience; it's a game-changer in terms of efficiency and accuracy.\"}),/*#__PURE__*/e(\"h2\",{children:\"Multi-Monitor Viewing: A Solution for Complex Environments\"}),/*#__PURE__*/e(\"p\",{children:\"Consider a scenario in a manufacturing plant, where engineers need to monitor assembly line automation systems, quality control parameters, and safety protocols simultaneously. Dispel\u2019s multi-monitor setup enables them to view these disparate systems side-by-side, streamlining the process of cross-referencing and decision-making. It's not just about seeing more; it's about achieving a comprehensive understanding of what's happening across the entire operational landscape.\"}),/*#__PURE__*/e(\"h2\",{children:\"The Importance of Audio Passthrough in OT Settings\"}),/*#__PURE__*/e(\"p\",{children:\"Audio signals, particularly alarms, play a crucial role in OT environments. Dispel recognizes this and incorporates audio passthrough in its Zero Trust Access solution. This feature ensures that operators don't just see what's happening across their systems, but also hear critical alarms and notifications. This audio-visual integration is vital for maintaining safety standards and responding swiftly to potential issues.\"}),/*#__PURE__*/e(\"h2\",{children:\"Empowering MSSPs with Multi-Client Support\"}),/*#__PURE__*/e(\"p\",{children:\"Managed Security Service Providers (MSSPs) serve a range of clients with diverse needs. Dispel\u2019s multi-monitor viewing is designed with multi-client support, allowing MSSPs to efficiently manage and monitor different client environments from a single, unified interface. This not only enhances the service delivery but also ensures that MSSPs can provide tailored, responsive support to each client.\"}),/*#__PURE__*/e(\"h2\",{children:\"A Step Forward in Operational Technology\"}),/*#__PURE__*/e(\"p\",{children:\"Dispel's multi-monitor viewing capability is more than a technical feature; it's a strategic tool that transforms how OT operations are managed. By addressing the challenges of multi-system programming and debugging, integrating crucial audio signals, and supporting the diverse needs of MSSPs, Dispel is setting a new standard in operational technology management. This innovation isn't just about seeing different systems; it's about seeing the bigger picture.\"})]});export const richText15=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"span\",{children:\"We're thrilled to announce that Dispel has been awarded the prestigious \\\"\"}),/*#__PURE__*/e(n,{href:\"https://sell.g2.com/g2-trust-badges\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"High Performer\"})})})}),'\" badge in ',/*#__PURE__*/e(n,{href:\"https://company.g2.com/about?_gl=1*ndocwc*_ga*MjUyMDYxNjMzLjE2OTM1MzM5NDk.*_ga_MFZ5NDXZ5F*MTY5NzU4MzEzNy4xOS4xLjE2OTc1ODg1NzAuNTQuMC4w\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"G2's Fall 2023 Report\"})}),\", with an impressive rating of 4.8 out of 5.0 stars. This recognition on the peer-to-peer review platform for business software reflects our dedication to providing top-tier secure remote access solutions to our valued customers.\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),'\"',/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:\"G2 stands as the leading and highly reputable software marketplace, with over 80 million annual users, including employees at Fortune 500 companies. G2's platform empowers individuals to make informed software choices, relying on genuine peer reviews to guide their decisions\"}),'.\" - ',/*#__PURE__*/e(\"span\",{style:{\"--framer-font-size\":\"14px\",\"--framer-letter-spacing\":\"-0.004em\"},children:\"Source: \"}),/*#__PURE__*/e(n,{href:\"https://company.g2.com/about?_gl=1*ndocwc*_ga*MjUyMDYxNjMzLjE2OTM1MzM5NDk.*_ga_MFZ5NDXZ5F*MTY5NzU4MzEzNy4xOS4xLjE2OTc1ODg1NzAuNTQuMC4w\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"G2\"})})]}),/*#__PURE__*/t(\"p\",{style:{\"--framer-font-size\":\"16px\",\"--framer-line-height\":\"1.25em\"},children:[/*#__PURE__*/e(\"span\",{children:/*#__PURE__*/e(\"br\",{})}),/*#__PURE__*/e(n,{href:\"/features\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(0, 0, 0)\"},children:/*#__PURE__*/e(\"strong\",{children:\"What Is Dispel\"})})})}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"Dispel is at the forefront of secure remote access to industrial control systems, also known as OT (Operational Technology) infrastructure. Our platform offers a comprehensive suite of features, including: \",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"Unified Identity & Access Management:\"})}),\" Seamlessly manage user identities and access permissions. \",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"Logging and Session Recording:\"})}),\" Maintain a record of all activities for security and compliance purposes. \",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"Disposable Systems:\"})}),\" Protect your infrastructure from ransomware and malware with disposable, ephemeral systems. \",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"Moving Target Defense-based SD-WAN:\"})}),/*#__PURE__*/e(\"strong\",{children:\" \"}),\"Create dynamic, ever-changing connections to your facilities, enhancing security. \",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"span\",{style:{\"--framer-text-color\":\"rgb(105, 87, 211)\"},children:/*#__PURE__*/e(\"strong\",{children:\"Access Control List (ACL) Enforcement:\"})}),\" Strictly control and enforce access policies.\"]}),/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"313\",src:\"https://framerusercontent.com/images/yDWulQXmcsxTQVHZqVgP1uCUvE.png\",srcSet:\"https://framerusercontent.com/images/yDWulQXmcsxTQVHZqVgP1uCUvE.png?scale-down-to=512 512w,https://framerusercontent.com/images/yDWulQXmcsxTQVHZqVgP1uCUvE.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/yDWulQXmcsxTQVHZqVgP1uCUvE.png 1115w\",style:{aspectRatio:\"1115 / 627\"},width:\"557\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(n,{href:\"https://www.g2.com/products/dispel/reviews\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"strong\",{children:\"What Customers Are Saying About Dispel\"})})})]}),/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"406\",src:\"https://framerusercontent.com/images/ymzEwShv4sS00bPx3kkTeo9eu1o.png\",srcSet:\"https://framerusercontent.com/images/ymzEwShv4sS00bPx3kkTeo9eu1o.png?scale-down-to=512 512w,https://framerusercontent.com/images/ymzEwShv4sS00bPx3kkTeo9eu1o.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/ymzEwShv4sS00bPx3kkTeo9eu1o.png 1216w\",style:{aspectRatio:\"1216 / 812\"},width:\"608\"}),/*#__PURE__*/e(n,{href:\"https://www.g2.com/products/dispel/reviews/dispel-review-8726324\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{className:\"framer-image\",\"data-preset-tag\":\"img\",children:/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"537\",src:\"https://framerusercontent.com/images/T5KKfNmpfLVbSmMHTmHu6kcxk.png\",srcSet:\"https://framerusercontent.com/images/T5KKfNmpfLVbSmMHTmHu6kcxk.png?scale-down-to=512 512w,https://framerusercontent.com/images/T5KKfNmpfLVbSmMHTmHu6kcxk.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/T5KKfNmpfLVbSmMHTmHu6kcxk.png 1216w\",style:{aspectRatio:\"1216 / 1074\"},width:\"608\"})})}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"span\",{children:/*#__PURE__*/e(\"strong\",{children:\"Get an insider's perspective on our product's performance\u2014\"})}),/*#__PURE__*/e(n,{href:\"https://www.g2.com/products/dispel/reviews\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:/*#__PURE__*/e(\"span\",{children:/*#__PURE__*/e(\"strong\",{children:\"explore G2 reviews to see why customers choose us\"})})})}),/*#__PURE__*/e(\"span\",{children:/*#__PURE__*/e(\"strong\",{children:\". \"})})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:\"Our customers appreciate the simplicity, security, and exceptional customer support that Dispel provides. We are honored to receive such positive feedback and look forward to continuing to meet and exceed the expectations of our users.\\xa0\"})}),/*#__PURE__*/e(n,{href:\"https://www.g2.com/products/dispel/reviews\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{className:\"framer-image\",\"data-preset-tag\":\"img\",children:/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"313\",src:\"https://framerusercontent.com/images/R1CPOjh1ftCEaTUPFdnmYleao.png\",srcSet:\"https://framerusercontent.com/images/R1CPOjh1ftCEaTUPFdnmYleao.png?scale-down-to=512 512w,https://framerusercontent.com/images/R1CPOjh1ftCEaTUPFdnmYleao.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/R1CPOjh1ftCEaTUPFdnmYleao.png 1115w\",style:{aspectRatio:\"1115 / 627\"},width:\"557\"})})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{children:/*#__PURE__*/e(\"br\",{})})}),/*#__PURE__*/e(\"p\",{children:\"\\xa0\"})]});export const richText16=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Next Gen Zero Trust Access (ZTA)\\xa0\",/*#__PURE__*/e(\"strong\",{children:\"uses a combination of identity management, automated segmentation, control rules, disaster recovery intelligence, and session recording, so known and unknown attacks can be immediately prevented clear device control can be maintained.\"}),\"\\xa0ZTA is cloud-based, which allows it to be deployed in hours instead of months, and the burden of maintaining software, managing jump hosts, and updating user access windows is eliminated.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/t(\"strong\",{children:[\"Expert Note \",/*#__PURE__*/e(\"br\",{}),\"ZTA is the next step in access management, using an integrated approach to deliver more complete and effective facility security than is possible with legacy access tools.\"]})}),/*#__PURE__*/e(\"h2\",{children:\"Next Gen ZTA vs Legacy Access\"}),/*#__PURE__*/e(\"img\",{alt:\"ZTA vs Legacy Access: Protection against Advanced Persistent Threats: Uses a combination of identity & access management, granular access control list rules, moving target defense, and session recording. - Relies on VPN and set rules which are slow to update and ineffective against sophisticated attacks.; Level of control and visibility: Combined cybersecurity achieves mutually complementary visibility down to time, user, device, port, and protocol access. - Access is unrestricted after the legacy access point and no session visibility is maintained. Updates are manual and slow.; Time-to-value: Implementation takes hours - Implementation takes months.\",className:\"framer-image\",height:\"475\",src:\"https://framerusercontent.com/images/gHvTvAdxfBVn8SQsgxC6nwEieg.png\",srcSet:\"https://framerusercontent.com/images/gHvTvAdxfBVn8SQsgxC6nwEieg.png?scale-down-to=512 512w,https://framerusercontent.com/images/gHvTvAdxfBVn8SQsgxC6nwEieg.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/gHvTvAdxfBVn8SQsgxC6nwEieg.png 1310w\",style:{aspectRatio:\"1310 / 950\"},width:\"655\"}),/*#__PURE__*/e(\"p\",{children:\"In the early days of Legacy Access, IT teams actually used to allow a direct VPN into a network from an endpoint. This was because per-user access control list rules did not exist yet. The only other option was using numerous concentrators, which take a long time to set up and maintain. So IT teams used single-tenant VPN tunnels based on perimeter security. This meant an endpoint was trusted once it established a VPN connection, with relatively little control over it inside the network once they were in.\"}),/*#__PURE__*/e(\"p\",{children:\"IT teams used Legacy Access from the 1990s through 2010s, and they worked well, except for when they didn\u2019t. They had one key issue: when Legacy Access connected an endpoint to a device, there is direct bi-directional data transfer. When the endpoint is secure, this is okay. But even with a small amount of malware, each time you connect an endpoint the malware is trying to transfer across the perimeter and into the network and its devices. Combine that with the wide access once within the perimeter and limitations of detection, and Legacy Access tools were known to allow attackers into networks.\"}),/*#__PURE__*/e(\"h3\",{children:\"Protection against Advanced Persistent Threats\"}),/*#__PURE__*/e(\"p\",{children:\"Legacy Access focuses on protecting the tunnel between a remote site and an endpoint. Legacy Access relies on encryption, such as VPNs, and manually configured user rules to secure the remote session. This approach has become obsolete as sophisticated attackers have found other ways around Legacy Access defenses, such as leveraging phishing attacks that use malware, ransomware, and human error to launch attacks. 80% of companies are estimated to have experienced a ransomware attack, with nearly 50% impacting OT/industrial control system (ICS) environments.\"}),/*#__PURE__*/e(\"p\",{children:\"Legacy Access leaves companies constantly in a defensive mode, with static VPNs that are easily identified, mapped, and targeted. Companies using Legacy Access are only able to defend against attacks at human speed and without any visibility to know when one is happening. That approach was what was the best at the time but today, with threats and operational efficiencies, it is now inadequate.\"}),/*#__PURE__*/e(\"p\",{children:\"Zero Trust Access eliminates these shortcomings by combining multiple cybersecurity capabilities\u2014such as identity & access management, moving target defense, session recording, continuous monitoring, and request access windows\u2014into one integrated approach to achieve mutually complementary effects that eliminates the entirely reactive posture Legacy Access put companies in.\"}),/*#__PURE__*/e(\"h3\",{children:\"Level of control and visibility\"}),/*#__PURE__*/e(\"p\",{children:\"Legacy Access was designed to secure the connection from an endpoint to the network edge. Some Legacy Access tools go a bit beyond and allow IT managers to specify which protocols are allowed through the tunnel, such as SSH or FTP. That is where Legacy Access tools tend to stop though. They are, in essence, VPN tools. They do not drill down into the network, and they are not highly integrated cross-functional cybersecurity platforms. Modern ZTA gives extensive control and visibility down to designating exactly which IPs, ports, and protocols are permitted per device within the network. Moreover, Legacy Access did and does not isolate a connecting endpoint from the systems that endpoints talk to. This means malware and ransomware pass through during a session.\"}),/*#__PURE__*/e(\"p\",{children:\"Next Gen ZTA solves the problems in control and visibility inherent in Legacy Access. With ZTA, administrators know exactly what is in their network; who has access to what; when they have that access; what they do during the session; and sandboxes all session to prevent malware attacks. ZTA platforms with moving target defense mitigate reconnaissance efforts.\"}),/*#__PURE__*/e(\"h3\",{children:\"Time-to-value\"}),/*#__PURE__*/e(\"p\",{children:\"ZTA platforms automate the manual aspects of Legacy Access and thereby eliminate the need for maintaining VPN concentrators, jump boxes, manual VDIs, and bastions. Patching and continuous hardening are also maintained by Software-as-a-Service (SaaS) ZTA products.\"}),/*#__PURE__*/e(\"p\",{children:\"ZTA tools can be deployed in minutes, not days, and require no manual upkeep. The time-to-value of Next Gen ZTA can therefore be measured in weeks not years. In these calculations, the total value must be defined by considering three items: the price of the product, the human time spent running it, and the cost of testing and compliance. Because they are at end-of-life, Legacy Access tools are generally inexpensive. But they must be manually managed by security teams\u2014generally the most expensive piece\u2014and many if not all do not come with modern compliance certifications such as SOC 2 Type 2 and ISO 27001 audit reports or alignment documentation against IEC 62443; NERC-CIP Section 5; and NIST CSF, 800-53, 800-82, or 800-160 Volume 2. Such certifications and assessments may cost several multiples of the base price of Legacy Access.\"}),/*#__PURE__*/e(\"h2\",{children:\"What to look for in a Next-Generation ZTA Solution?\"}),/*#__PURE__*/e(\"p\",{children:\"An efficient Next Gen ZTA solution will leverage modern technologies to counter evolving tactics, techniques, and procedures utilized by adversaries to attack organizations, ranging from widespread malware and ransomware to sophisticated reconnaissance and lateral attacks. Here are the protection capabilities to look for:\"}),/*#__PURE__*/e(\"p\",{children:\"\\xa0\"}),/*#__PURE__*/e(\"img\",{alt:\"\",className:\"framer-image\",height:\"315\",src:\"https://framerusercontent.com/images/vQwNjYDFR29x4BDdl4S1v23nmk.png\",srcSet:\"https://framerusercontent.com/images/vQwNjYDFR29x4BDdl4S1v23nmk.png?scale-down-to=512 512w,https://framerusercontent.com/images/vQwNjYDFR29x4BDdl4S1v23nmk.png 950w\",style:{aspectRatio:\"950 / 630\"},width:\"475\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"br\",{className:\"trailing-break\"})}),/*#__PURE__*/e(\"h3\",{children:\"Gaining visibility & control\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"18px\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Identity & Access Management (IAM):\"}),\"\\xa0IAM is responsible for identifying and authenticating users and devices and authorizing them to access resources. IAM includes components such as time-based access windows, multi-factor authentication, identity federation, and role-based access control.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Asset Management:\"}),\"\\xa0Asset management tools are responsible for registering and tracking all devices on the network. This includes assigning IP addresses, ports, and protocols permissible for network activity. Asset management tools give organizations visibility into their network, making it easier to identify and manage potential security risks. By tracking all devices on the network, organizations can ensure that only authorized devices are connected to the network, and that they are operating within the expected parameters. This helps to prevent unauthorized changes to the network and ensures that critical systems are protected from cyber threats.\"]})})]}),/*#__PURE__*/e(\"h3\",{children:\"Prevention of targeted attacks\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"18px\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Moving Target Defense:\"}),\"\\xa0A moving target defense (MTD) tool prevents vulnerability exploitation and target analysis by attackers. MTD networks significantly increase the cost of targeting and attacking OT systems by rendering reconnaissance intelligence obsolete and useless in an hourly or daily basis. MTD networks are also critical for dealing with ransomware, since they can automatically patch their components.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Network Segmentation:\"}),\"\\xa0Network segmentation is the process of dividing a network into smaller segments, each with its own security controls. Segmented networks limit the exposure of critical systems and reduce the risk of lateral movement by attackers.\"]})})]}),/*#__PURE__*/e(\"h3\",{children:\"Prevention of malware & ransomware\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"18px\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Endpoint Isolation:\"}),\"\\xa0Endpoint isolation involves securing devices and systems that are connected to the network, including computers and mobile devices. This disposable intermediate infrastructure, such as hardened, cycling virtual desktops.\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Network Encryption and Tunneling:\"}),\"\\xa0Network encryption and tunneling secures traffic to and from the industrial control system over the public internet against intercepted data being read by unauthorized parties. In particular, a Virtual Private Network (VPN) or Software Defined-Wide Area Network (SD-WAN) can provide a secure and encrypted connection between multiple endpoints over a public network such as the internet.\"]})})]}),/*#__PURE__*/e(\"h3\",{children:\"Security monitoring integration\"}),/*#__PURE__*/t(\"ul\",{style:{\"--framer-font-size\":\"18px\"},children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Monitoring and Analytics:\"}),\"\\xa0Monitoring and analytics tools provide visibility into network activity and detect anomalies and threats in real-time. This includes session recording, network activity logs, keystroke logging and integrations with tools such as Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA).\"]})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Security Operations Center:\"}),\"\\xa0A security operations center (SOC) is a centralized unit responsible for monitoring and responding to security incidents. The SOC is staffed by security professionals who use advanced tools and techniques to detect and respond to security incidents.\"]})})]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/t(\"strong\",{children:[\"Expert note\",/*#__PURE__*/e(\"br\",{}),\"Did you know that Legacy Access have had vulnerabilities found in their VPN systems allowing an attacker to take control of an affected system? Compare the performance of your current Legacy Access and see what your system is missing.\"]})}),/*#__PURE__*/e(\"h2\",{children:\"How ZTA Works\"}),/*#__PURE__*/e(\"p\",{children:\"A ZTA system is a security model that requires all users and devices to be authenticated and authorized before being granted access to a target system. It assumes that all users and devices, even those inside the network, are potentially a security risk and should not be trusted by default.\"}),/*#__PURE__*/e(\"p\",{children:\"A complete ZTA platform should follow guidelines appropriate to the sector the enterprise is operating in, such as NIST CSF, 800-53, 800-82, and IEC 62443. Modern guidelines generally call for all the following components: IAM, network encryption and tunneling, moving target defense, network segmentation, endpoint isolation, monitoring and analytics, asset management, and a SOC. By following guidelines from various reference frameworks, organizations can ensure that their ZTA system is comprehensive and effective in attack prevention.\"}),/*#__PURE__*/e(\"h3\",{children:\"Compare and contrast\"}),/*#__PURE__*/e(\"img\",{alt:\"ZTA vs Legacy Access: Identity & Access Management, Network Encryption & Tunneling, Moving Target Defense, Network Segmentation, Endpoint Isolation, Monitoring & Analytics, Asset Management, SOC Integration\",className:\"framer-image\",height:\"732\",src:\"https://framerusercontent.com/images/rIzmqFLLWua7sZPPMEvcN9Dlc.png\",srcSet:\"https://framerusercontent.com/images/rIzmqFLLWua7sZPPMEvcN9Dlc.png?scale-down-to=1024 674w,https://framerusercontent.com/images/rIzmqFLLWua7sZPPMEvcN9Dlc.png 964w\",style:{aspectRatio:\"964 / 1464\"},width:\"482\"}),/*#__PURE__*/e(\"h2\",{children:\"Integrated OT ZTA Solutions Are Significantly Faster\"}),/*#__PURE__*/e(\"p\",{children:\"Using a fully integrated ZTA system, like Dispel, is significantly more efficient for operators and administrators because it provides a single, centralized platform for managing access security across the network. Instead of having to manually manage multiple disparate security tools and platforms, operators and administrators can use a single platform to automatically manage access, monitor network activity, and detect and respond to security incidents.\"}),/*#__PURE__*/e(\"p\",{children:\"This saves time and reduces the likelihood of errors or oversights that can lead to security breaches.\"}),/*#__PURE__*/t(\"p\",{children:[\"Expert Note \",/*#__PURE__*/e(\"br\",{}),\"Dispel improved clients\u2019 incident response by 97% and saved users over 365,000 FTE hours.\",/*#__PURE__*/e(\"br\",{}),\"Integrations also reduce the cost of ownership. Because they contain relatively few components and they are obsolete, Legacy Access tools have a low initial cost. Maintenance, oversight, and management costs drive the price of ownership up considerably because of the number of people needed to manually manage Legacy Access platforms at scale.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Security Standards Govern Access\"}),/*#__PURE__*/e(\"p\",{children:\"Remote access is a critical aspect that needs to be properly secured. Fortunately, there are various modern security guidelines and requirements, including those that address remote access. Some of the most important ones are NIST, IEC 62443, NERC-CIP Section 5, and WITAF 503. These guidelines and requirements provide recommendations and best practices for securing systems and preventing cyberattacks. By following these guidelines and requirements, organizations can ensure that their networks prevent against cyber threats that could cause significant damage.\"}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"NIST\"})}),/*#__PURE__*/t(\"p\",{children:[\"The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce responsible for developing and promoting measurement, standards, and technology. NIST provides cybersecurity guidance for organizations, including the Cybersecurity Framework (CSF) and various Special Publications (SPs). Among these SPs are 800-53 (\",/*#__PURE__*/e(\"em\",{children:\"Security and Privacy Controls for Information Systems and Organizations\"}),\"), 800-82 (\",/*#__PURE__*/e(\"em\",{children:\"Guide to Industrial Control Systems (ICS) Security\"}),\"), and 800-160 Volume 2 (\",/*#__PURE__*/e(\"em\",{children:\"Developing Cyber-Resilient Systems\"}),\"). These publications provide comprehensive guidelines for securing industrial control systems and protecting critical infrastructure against cyber threats.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"IEC 62443\"})}),/*#__PURE__*/e(\"p\",{children:\"IEC 62443 is an international standard that provides guidelines for developing a comprehensive cybersecurity management system for industrial automation and control systems (IACS). It includes a lifecycle model that helps organizations manage cybersecurity from the beginning of a project through to the end of the system's life, and includes guidelines for secure development, testing, and deployment of IACS.\"}),/*#__PURE__*/e(\"h2\",{children:\"Replacing your outdated Legacy Access\"}),/*#__PURE__*/t(\"p\",{style:{\"--framer-text-alignment\":\"left\"},children:[/*#__PURE__*/e(n,{href:\"http://dispel.com/\",motionChild:!0,nodeId:\"QsZaADSSZ\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(i.a,{children:\"Dispel\\xa0Zero Trust Access\"})}),\" is the new standard in control, delivering superior protection from malware, intrusion, advanced persistent threats, and\\xa0insider attacks. Organizations gain an unprecedented level of control and visibility into each access session in an easy-to-read workflow map that provides the details and context necessary to understand what\u2019s happening on the network and how to proceed effectively.\"]}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"\u201CIf you are looking for a robust product for accessing\u2026assets securely and reliably, this is it.\u201D\"})}),/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"strong\",{children:\"-\\xa0\\xa0\\xa0\\xa0\\xa0\\xa0 IT Security Manager\"})})]});export const richText17=/*#__PURE__*/t(s.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"Zero trust emerged in the mid 2010s in response to continued failings of static defenses to keep attackers out. Static defenses\u2014classic, medieval castle-style defense in depth\u2014assumed a perfectly built security architecture would successfully lock bad actors out of a network. Only authenticated users with correct permissions could pass the gates and guards\u2014firewalls, intrusion detection, signature-based defenses against malware, and extensive and expensive logging. But real world data showed the static defense model was failing. Successful cyberattacks were increasing, not decreasing. What was going wrong?\"}),/*#__PURE__*/e(\"p\",{children:\"The sanctity of a user\u2019s identity lives at the center of a successful cybersecurity plan. While tactics may vary by sector and purpose, fundamentally we want the right user to get to the right data, and only that user and only that data. Identity demands authentication, and authorization permits access.\"}),/*#__PURE__*/e(\"p\",{children:\"Verifying one\u2019s identity through authentication (usually a password) became the primary target for offense and defense. We authenticate someone\u2019s identity through three classically accepted methods:\"}),/*#__PURE__*/t(\"ol\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{style:{\"--framer-font-size\":\"18px\"},children:\"What you know, \"})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{style:{\"--framer-font-size\":\"18px\"},children:\"What you have, and \"})})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:/*#__PURE__*/e(\"span\",{style:{\"--framer-font-size\":\"18px\"},children:\"What you are. \"})})})]}),/*#__PURE__*/e(\"p\",{children:\"Really, what you are should be the first and final answer, but biometric infrastructure isn\u2019t sufficient, and the privacy concerns are real. What you know is usually a password. What you have is a physical token or device generating a time-based code, typically used to counter someone stealing your password. What you are would be a biometric, such as a fingerprint, facial recognition, or retinal scan.\"}),/*#__PURE__*/e(\"p\",{children:\"When a user authenticates their identity to a system for which they have authorization, the classic model was to trust that device (also known as an endpoint, which we will use interchangeably with devices going forward. Endpoint is a weird term used within the tech sector, used by no layperson I\u2019ve ever met, but as it\u2019s common parlance we\u2019ll be using it here too).\"}),/*#__PURE__*/e(\"p\",{children:\"Before zero trust, an endpoint was imbued with the authorization attributes of the human\u2019s identity. In other words, once a human user authenticated their identity with the authorized system, the endpoint got the same access privileges the human was accorded. It became a \u201Ctrusted endpoint.\u201D If there were malware on that endpoint, or the device were stolen, or someone simply read over your shoulder then oops. The trusted endpoint became an unauthorized access method to data and systems.\"}),/*#__PURE__*/e(\"p\",{children:\"Because humans aren\u2019t in the machine, zero trust posits that we must become skeptics of a trusted endpoint. We cannot simply accept an identified and authenticated user is the sole entity involved in a session. We must instead assume the user is untrustworthy. We have zero trust.\"}),/*#__PURE__*/e(\"h2\",{children:/*#__PURE__*/e(\"strong\",{children:\"Zero Trust in Practice\"})}),/*#__PURE__*/e(\"p\",{children:\"In practice, zero trust accepts user identity verification and authorization, and then challenges the veracity of a trusted session. Does the identity start performing unusual actions, such as accessing file systems they don\u2019t normally or downloading unusual amounts of data? Is behavior occurring during different hours than normal? Is their geolocation appropriate? Perhaps, at a device level, is their typing pattern what we expect or when they\u2019re walking is their gait and stride correct for the human behind the identity we\u2019re allowing access for?\"}),/*#__PURE__*/e(\"h2\",{children:/*#__PURE__*/e(\"strong\",{children:\"Disposable Components\"})}),/*#__PURE__*/e(\"p\",{children:\"These are mostly illustrative examples readily understandable for identity. Similar ones exist for the endpoints themselves: if we decide all endpoints are untrustworthy, then their access window must be minimized. We can compartmentalize the endpoint a user is on from its target system by placing their session into a segmented, isolated environment. Virtualization allows us to destroy session isolation environments and rebuild them from validated images over and over again. This method of disposable intermediate components means we do not need to trust that a user didn\u2019t track mud, malware, or malicious actors into our clean environment when we granted them a session\u2014at the end of their session we instead destroy the infrastructure they used. By destroying the intermediate endpoints, we delete malware and eject unauthorized users from our systems. Imagine the same practice in another field: medicine. Throwing away a medical glove is far easier than trying to scrub pathogens off our hands after treating a patient. We\u2019ll still use soap and water (firewalls, intrusion detection and prevention, heuristic and signature-based defenses, etc.), but it\u2019s far easier and less costly to prevent an infection rather than cure one when all it takes is a simple protective barrier.\"}),/*#__PURE__*/e(\"h2\",{children:/*#__PURE__*/e(\"strong\",{children:\"Moving Target Defense\"})}),/*#__PURE__*/e(\"p\",{children:\"Let\u2019s go back to that holy grail: a user\u2019s identity. We talked about the original data we had to protect: their password. It\u2019s what they know. But a password is not the only key piece of information an authorized user knows. They also know the location where they\u2019re authenticating. This takes a moment to process, because we treat that information as commonplace. In our everyday lives we know the URLs of websites we visit, and then log into.\"}),/*#__PURE__*/e(\"p\",{children:\"But take a step back and realize that if someone picks up a random password from the street, they don\u2019t know where to use it. It\u2019s not great the password is out there\u2014they could write a script to start trying to log into every website out there\u2014but that brute force guessing method is extremely time-expensive. Knowing where to log in means we know where to attack. Location data falls within the very first step of a successful attack, reconnaissance, on the dramatically named Cyber Kill Chain.\"}),/*#__PURE__*/e(\"p\",{children:\"We deny the information needed to target an attack using a technology called moving target defense. When a session ends or an attack commences, we move the location of the entrance to the target systems. The attacker must find the entrance all over again before they can begin the process again. In the real world, this method of concealment and maneuver is commonplace: militaries user camouflage and highly mobile vehicles to evade detection and destruction. Nuclear submarines are prized far above missile silos. If, as a way of hiding in a conflict, you were asked to wear bright neon with a flashing light atop your head in the middle of an open field, and further told to broadcast your location\u2014trusting your body armor to protect you\u2014you would look at the requester with some askance. They\u2019re surely mad. Yet we do precisely that all the time with static defenses and networks when we don\u2019t safeguard the location of our critical systems.\"}),/*#__PURE__*/e(\"p\",{children:\"Zero trust argues any information useful to accessing a system should be denied or destroyed at the earliest possible moment. By altering the entrance network topology, through the use of disposable components spread across and hidden within public cloud providers, we achieve the zero trust objective.\"})]});\nexport const __FramerMetadata__ = {\"exports\":{\"richText6\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText4\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText1\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText12\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText17\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText14\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText3\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText11\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText7\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText9\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText2\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText13\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText10\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText15\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText8\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText16\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText5\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"__FramerMetadata__\":{\"type\":\"variable\"}}}"],
  "mappings": "2MAAAA,IAAsJ,IAAMC,EAAsBC,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,6EAA6E,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0XAA0X,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qnBAAqnB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,sQAAsQ,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,OAAO,0BAA0B,OAAO,sBAAsB,qBAAqB,6BAA6B,MAAM,0BAA0B,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,0BAA0B,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,iFAAiF,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,wCAAwC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,mEAAmE,OAAO,2PAA2P,MAAM,CAAC,YAAY,aAAa,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uSAAuS,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,2RAAwSE,EAAEC,EAAE,CAAC,KAAK,yDAAyD,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,QAAQ,CAAC,CAAC,CAAC,EAAE,2SAAwTF,EAAEC,EAAE,CAAC,KAAK,yDAAyD,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,mBAAmB,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,UAAU,CAAC,EAAeA,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,2QAA2Q,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wcAAwc,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,WAAW,CAAC,EAAeA,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,+VAA+V,CAAC,CAAC,CAAC,EAAeA,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,iPAAiP,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,qOAAkPE,EAAEC,EAAE,CAAC,KAAK,qGAAqG,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,+BAA+B,CAAC,CAAC,CAAC,EAAE,scAAsc,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,WAAW,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2DAA2D,CAAC,EAAeA,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,4WAA8W,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0pBAA0pB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4EAA4E,CAAC,EAAeA,EAAE,aAAa,CAAC,SAAsBA,EAAE,IAAI,CAAC,SAAS,0TAA4T,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,MAAmBE,EAAEC,EAAE,CAAC,KAAK,sEAAsE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,kBAAkB,CAAC,CAAC,CAAC,EAAE,0wBAA0wB,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,YAAY,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0XAA0X,CAAC,CAAC,CAAC,CAAC,EAAeG,EAAuBL,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAS,+IAA+I,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mNAAmN,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,kEAAkE,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kWAAkW,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2pBAA2pB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,6DAA6D,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,oZAAoZ,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,smBAAsmB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,yDAAyD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gcAAgc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qQAAqQ,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,wCAAwC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+TAA+T,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0WAA0W,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,6CAA6C,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,sWAAsW,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,iVAAiV,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,YAAY,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,ulBAA6kB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wbAAwb,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4aAA4a,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,6QAA6Q,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,iDAAiD,CAAC,CAAC,CAAC,CAAC,EAAeI,EAAuBN,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,KAAK,CAAC,SAAS,cAAc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,20BAA20B,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,sFAAmGE,EAAEC,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,sDAAsD,EAAE,oBAAoB,CAAC,UAAU,CAAC,aAAa,YAAY,iBAAiB,WAAW,CAAC,EAAE,UAAU,WAAW,EAAE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,yEAAyE,CAAC,CAAC,CAAC,EAAE,gcAAgc,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,+bAA+b,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+nBAA+nB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,kEAAkE,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uVAAuV,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qYAAqY,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,kCAAkC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,iKAA8KE,EAAEC,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,sDAAsD,EAAE,oBAAoB,CAAC,UAAU,CAAC,aAAa,YAAY,iBAAiB,WAAW,CAAC,EAAE,UAAU,WAAW,EAAE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,6BAA6B,CAAC,CAAC,CAAC,EAAE,ubAAkb,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,yDAAyD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qGAAqG,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,2SAA2S,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,6bAA6b,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,2rBAA2rB,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,2WAAsW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,+DAA+D,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,ocAAoc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wVAAwV,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+dAAqd,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,mCAAmC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,slBAAslB,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,mDAAgEE,EAAEC,EAAE,CAAC,KAAK,6EAA6E,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,yDAAyD,CAAC,CAAC,CAAC,EAAE,sNAAsN,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,mCAAmC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8qBAA8qB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sBAAsB,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,+GAA4HE,EAAEC,EAAE,CAAC,KAAK,6EAA6E,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,yDAAyD,CAAC,CAAC,CAAC,EAAE,+IAA4JF,EAAEC,EAAE,CAAC,KAAK,sCAAsC,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,8BAA8B,CAAC,CAAC,CAAC,EAAE,4NAAyOF,EAAEC,EAAE,CAAC,KAAK,uBAAuB,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,2CAA2C,CAAC,CAAC,CAAC,EAAE,2QAA2Q,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeG,EAAuBP,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAS,scAAsc,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,mDAAmD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4WAAkW,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,qDAAqD,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAsBA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,EAAE,yUAAyU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,+BAA+B,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,0CAA0C,CAAC,EAAE,2RAA2R,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,kCAAkC,CAAC,EAAE,4MAA4M,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sDAAsD,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,EAAE,qRAAqR,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,mCAAmC,CAAC,EAAE,gKAAgK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,mDAAmD,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,8BAA8B,CAAC,EAAE,mQAAmQ,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,EAAE,oMAAoM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,yBAAyB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gWAAgW,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wvBAAwvB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8uBAA8uB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,owBAAowB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,orBAAorB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,kCAAkC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,oRAA+Q,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+VAA2U,CAAC,CAAC,CAAC,CAAC,EAAeM,EAAuBR,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,YAAY,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,wFAAwF,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,yGAAyG,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,+GAA+G,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,6RAA6R,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qOAAqO,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,oCAAoC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4UAA4U,CAAC,CAAC,CAAC,CAAC,EAAeO,EAAuBT,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAC,8PAAsQE,EAAEC,EAAE,CAAC,KAAK,gDAAgD,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,0BAA0B,CAAC,CAAC,CAAC,EAAE,4FAA4F,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,iVAAiV,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8TAA8T,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,iRAA4Q,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,+CAA+C,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,oTAAoT,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gaAAga,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,2SAAwTE,EAAEC,EAAE,CAAC,KAAK,yEAAyE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,OAAoBF,EAAEC,EAAE,CAAC,KAAK,kGAAkG,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,QAAQ,CAAC,CAAC,CAAC,EAAE,iBAA8BF,EAAEC,EAAE,CAAC,KAAK,8FAA8F,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAE,sIAAiI,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,yOAAyO,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,4CAA4C,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uWAAuW,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,6GAA0HE,EAAEC,EAAE,CAAC,KAAK,yDAAyD,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAE,KAAkBF,EAAEC,EAAE,CAAC,KAAK,0DAA0D,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,EAAE,KAAkBF,EAAEC,EAAE,CAAC,KAAK,0DAA0D,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,EAAE,SAAsBF,EAAEC,EAAE,CAAC,KAAK,0DAA0D,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,8TAA8T,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,gCAAgC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2GAA2G,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,cAAc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yGAAyG,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,mGAAmG,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,2GAA2G,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,SAAS,gCAAgC,CAAC,CAAC,CAAC,EAAeA,EAAE,QAAQ,CAAC,SAAS,GAAG,UAAU,eAAe,KAAK,GAAG,MAAM,GAAG,YAAY,GAAG,IAAI,oEAAoE,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,qCAAqC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,8IAA2JE,EAAEC,EAAE,CAAC,KAAK,CAAC,UAAU,WAAW,EAAE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,YAAY,CAAC,CAAC,CAAC,EAAE,6EAA6E,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,SAAS,CAAC,+SAA4TE,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,aAAa,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,gFAAgF,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,sFAAsF,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,CAAC,EAAE,mQAAmQ,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mPAAmP,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,SAAS,0CAA0C,CAAC,CAAC,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,sKAAsK,MAAM,CAAC,YAAY,aAAa,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,8BAA8B,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+MAA+M,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,aAAa,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,iFAAiF,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,0FAA0F,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,QAAQ,CAAC,SAAS,GAAG,UAAU,eAAe,KAAK,GAAG,MAAM,GAAG,YAAY,GAAG,IAAI,qEAAqE,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,uCAAuC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wJAAwJ,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kdAAkd,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,oSAAoS,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,6CAA6C,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,uCAAuC,CAAC,EAAE,2LAA2L,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,iCAAiC,CAAC,EAAE,mKAAmK,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,yBAAyB,CAAC,EAAE,oKAAoK,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,wCAAwC,CAAC,EAAE,2IAA2I,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qaAAqa,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wTAA8S,CAAC,CAAC,CAAC,CAAC,EAAeQ,EAAuBR,EAAID,EAAS,CAAC,SAAsBD,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,iDAAiD,CAAC,EAAE,4DAAyEA,EAAEC,EAAE,CAAC,KAAK,gCAAgC,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,4BAA4B,CAAC,CAAC,CAAC,EAAE,aAA0BF,EAAEC,EAAE,CAAC,KAAK,0BAA0B,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,aAAa,CAAC,CAAC,CAAC,EAAE,qDAAqD,CAAC,CAAC,CAAC,CAAC,EAAeO,EAAuBX,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,wBAAwB,CAAC,EAAE,4FAAyGA,EAAE,SAAS,CAAC,SAAS,0BAAgB,CAAC,EAAE,sDAAmEA,EAAEC,EAAE,CAAC,KAAK,+CAA+C,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,YAAY,CAAC,CAAC,CAAC,EAAE,uNAA0NF,EAAEC,EAAE,CAAC,KAAK,gDAAgD,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,+BAA+B,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,ieAAud,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,gBAA6BE,EAAEC,EAAE,CAAC,KAAK,+CAA+C,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,YAAY,CAAC,CAAC,CAAC,EAAE,qdAAgd,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,SAAS,CAAC,6CAAqDE,EAAE,KAAK,CAAC,SAAS,cAAc,CAAC,EAAE,qXAAiW,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,uDAAuD,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,iEAAiE,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,8GAA8G,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,oEAAoE,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,iGAAiG,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,6HAA6H,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,kHAAkH,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,iIAAiI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,cAAc,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,oSAAiTE,EAAEC,EAAE,CAAC,KAAK,+MAA+M,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,gBAAgB,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeQ,EAAuBZ,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,wBAAwB,CAAC,EAAE,ycAAyc,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wYAAwY,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0YAA6Y,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yMAAyM,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8eAAoe,CAAC,CAAC,CAAC,CAAC,EAAeW,EAAuBb,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,KAAK,CAAC,SAAS,2DAA2D,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,oEAAiFE,EAAEC,EAAE,CAAC,KAAK,iHAAiH,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,mBAAmB,CAAC,CAAC,CAAC,EAAE,ofAAof,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,SAAS,CAAC,4UAAyVE,EAAEC,EAAE,CAAC,KAAK,sEAAsE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,sDAAsD,CAAC,CAAC,CAAC,EAAE,YAAyBF,EAAEC,EAAE,CAAC,KAAK,wHAAwH,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,kCAAkC,CAAC,CAAC,CAAC,EAAE,SAAsBF,EAAEC,EAAE,CAAC,KAAK,sEAAsE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,oEAA+D,CAAC,CAAC,CAAC,EAAE,qLAAqL,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,SAAS,CAAC,6dAA0eE,EAAEC,EAAE,CAAC,KAAK,sGAAsG,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAsBF,EAAE,KAAK,CAAC,SAAS,wCAAwC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,4CAA4C,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,4CAA4C,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,uCAAuC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,uCAAuC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,0EAA0E,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,uBAAuB,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,qCAAqC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAS,2CAA2C,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,4BAA4B,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,yBAAsCE,EAAEC,EAAE,CAAC,KAAK,iHAAiH,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,UAAU,CAAC,CAAC,CAAC,EAAE,ygBAAygB,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,SAAS,CAAC,4FAA+FE,EAAEC,EAAE,CAAC,KAAK,sHAAsH,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,qDAAqD,CAAC,CAAC,CAAC,EAAE,oYAA+X,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,gEAAgE,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yzBAAyzB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,8EAA8E,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mKAA8J,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcA,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,4BAA4B,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+bAA+b,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,mCAAmC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,siBAAsiB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,0BAA0B,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2UAA2U,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,sCAAsC,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,gFAA6FE,EAAEC,EAAE,CAAC,KAAK,CAAC,KAAK,aAAa,UAAU,WAAW,EAAE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,eAAe,CAAC,CAAC,CAAC,EAAE,mJAAmJ,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,uCAAuC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kaAAka,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,KAAK,CAAC,kBAAkB,KAAK,SAAS,CAAcE,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,6CAA6C,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kZAAkZ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,wCAAwC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gqBAAgqB,CAAC,CAAC,CAAC,CAAC,EAAeY,EAAwBd,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,2BAA2B,CAAC,EAAE,yTAA+S,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2SAAkR,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wsBAAmsB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wZAA0X,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qUAAgU,CAAC,CAAC,CAAC,CAAC,EAAea,EAAwBf,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAS,iOAAiO,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,4BAAyCE,EAAEC,EAAE,CAAC,KAAK,oFAAoF,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,oCAAoC,CAAC,CAAC,CAAC,EAAE,ihBAAugB,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,yeAA0e,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,scAAsc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,ygBAA0f,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uXAAkX,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2PAA2P,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,cAAc,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,4kBAAolBE,EAAEC,EAAE,CAAC,KAAK,sBAAsB,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,gBAAgB,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,2CAA2C,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,urBAA0rBE,EAAEC,EAAE,CAAC,KAAK,sCAAsC,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,4BAA4B,CAAC,CAAC,CAAC,EAAE,IAAiBF,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,8JAA8J,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAec,EAAwBhB,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,sHAAsH,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,mTAAmT,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mLAAmL,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,cAAc,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,+BAA+B,CAAC,EAAE,uLAAkL,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qBAAqB,CAAC,EAAE,0MAA0M,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,0BAA0B,CAAC,EAAE,6MAA6M,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,2BAA2B,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gVAAgV,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,oCAAoC,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,iCAAiC,CAAC,EAAE,yHAAyH,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,8BAA8B,CAAC,EAAE,gKAAgK,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,gCAAgC,CAAC,EAAE,sHAAsH,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qaAAqa,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,mBAAmB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qOAAqO,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sBAAsB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mMAAmM,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,uBAAuB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,ycAAyc,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,uaAAwZ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAee,EAAwBjB,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,seAAse,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sDAAsD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,0sBAA0sB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,2BAA2B,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,6TAA6T,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sBAAsB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uWAAuW,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,2BAA2B,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8XAA8X,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,iDAAiD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,iYAAiY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAegB,EAAwBlB,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,sxBAAsxB,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,gDAAgD,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,iCAAiC,CAAC,EAAE,kIAAkI,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,EAAE,wHAAwH,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,2BAA2B,CAAC,EAAE,yGAAyG,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,gCAAgC,CAAC,EAAE,yIAAoI,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,2CAA2C,CAAC,EAAE,kIAAkI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,6DAA6D,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+kBAA+kB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,4DAA4D,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,meAA8d,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,oDAAoD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yaAAya,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,4CAA4C,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,sZAAiZ,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,0CAA0C,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gdAAgd,CAAC,CAAC,CAAC,CAAC,EAAeiB,EAAwBnB,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,OAAO,CAAC,SAAS,2EAA4E,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,sCAAsC,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAsBF,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,cAA2BA,EAAEC,EAAE,CAAC,KAAK,yIAAyI,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,uBAAuB,CAAC,CAAC,CAAC,EAAE,wOAAqPF,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAE,IAAiBA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAS,qRAAqR,CAAC,EAAE,QAAqBA,EAAE,OAAO,CAAC,MAAM,CAAC,qBAAqB,OAAO,0BAA0B,UAAU,EAAE,SAAS,UAAU,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,yIAAyI,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeJ,EAAE,IAAI,CAAC,MAAM,CAAC,qBAAqB,OAAO,uBAAuB,QAAQ,EAAE,SAAS,CAAcE,EAAE,OAAO,CAAC,SAAsBA,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,YAAY,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAsBF,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,cAAc,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAE,iNAA8NA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,uCAAuC,CAAC,CAAC,CAAC,EAAE,8DAA2EA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,gCAAgC,CAAC,CAAC,CAAC,EAAE,8EAA2FA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,qBAAqB,CAAC,CAAC,CAAC,EAAE,gGAA6GA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,CAAC,CAAC,EAAeA,EAAE,SAAS,CAAC,SAAS,GAAG,CAAC,EAAE,qFAAkGA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,mBAAmB,EAAE,SAAsBA,EAAE,SAAS,CAAC,SAAS,wCAAwC,CAAC,CAAC,CAAC,EAAE,gDAAgD,CAAC,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAY,EAAE,MAAM,KAAK,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,6CAA6C,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAsBF,EAAE,SAAS,CAAC,SAAS,wCAAwC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAY,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,mEAAmE,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,UAAU,eAAe,kBAAkB,MAAM,SAAsBF,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,aAAa,EAAE,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,OAAO,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,iEAA4D,CAAC,CAAC,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,6CAA6C,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAsBF,EAAE,OAAO,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,mDAAmD,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,OAAO,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAS,iPAAiP,CAAC,CAAC,CAAC,EAAeA,EAAEC,EAAE,CAAC,KAAK,6CAA6C,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,UAAU,eAAe,kBAAkB,MAAM,SAAsBF,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAY,EAAE,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,SAAsBA,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,CAAC,EAAekB,EAAwBpB,EAAIC,EAAS,CAAC,SAAS,CAAcD,EAAE,IAAI,CAAC,SAAS,CAAC,uCAAoDE,EAAE,SAAS,CAAC,SAAS,4OAA4O,CAAC,EAAE,iMAAiM,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBF,EAAE,SAAS,CAAC,SAAS,CAAC,eAA4BE,EAAE,KAAK,CAAC,CAAC,EAAE,6KAA6K,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,+BAA+B,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,spBAAspB,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAY,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+fAA+f,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,imBAA4lB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,gDAAgD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,ojBAAojB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8YAA8Y,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mYAAyX,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,iCAAiC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,mwBAAmwB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4WAA4W,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,eAAe,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yQAAyQ,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,q1BAA20B,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,qDAAqD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qUAAqU,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,MAAM,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,GAAG,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,sKAAsK,MAAM,CAAC,YAAY,WAAW,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,KAAK,CAAC,UAAU,gBAAgB,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,8BAA8B,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qCAAqC,CAAC,EAAE,mQAAmQ,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,mBAAmB,CAAC,EAAE,moBAAmoB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,gCAAgC,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,wBAAwB,CAAC,EAAE,6YAA6Y,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,uBAAuB,CAAC,EAAE,2OAA2O,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,oCAAoC,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,qBAAqB,CAAC,EAAE,kOAAkO,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,mCAAmC,CAAC,EAAE,yYAAyY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,iCAAiC,CAAC,EAAeF,EAAE,KAAK,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,2BAA2B,CAAC,EAAE,0UAA0U,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBF,EAAE,IAAI,CAAC,SAAS,CAAcE,EAAE,SAAS,CAAC,SAAS,6BAA6B,CAAC,EAAE,+PAA+P,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBF,EAAE,SAAS,CAAC,SAAS,CAAC,cAA2BE,EAAE,KAAK,CAAC,CAAC,EAAE,4OAA4O,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,eAAe,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,qSAAqS,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,8hBAA8hB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sBAAsB,CAAC,EAAeA,EAAE,MAAM,CAAC,IAAI,iNAAiN,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,qKAAqK,MAAM,CAAC,YAAY,YAAY,EAAE,MAAM,KAAK,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,sDAAsD,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,6cAA6c,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,wGAAwG,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,eAA4BE,EAAE,KAAK,CAAC,CAAC,EAAE,iGAAyGA,EAAE,KAAK,CAAC,CAAC,EAAE,0VAA0V,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,kCAAkC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,sjBAAsjB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAS,CAAC,6XAA0YE,EAAE,KAAK,CAAC,SAAS,yEAAyE,CAAC,EAAE,cAA2BA,EAAE,KAAK,CAAC,SAAS,oDAAoD,CAAC,EAAE,4BAAyCA,EAAE,KAAK,CAAC,SAAS,oCAAoC,CAAC,EAAE,8JAA8J,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,WAAW,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4ZAA4Z,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAS,uCAAuC,CAAC,EAAeF,EAAE,IAAI,CAAC,MAAM,CAAC,0BAA0B,MAAM,EAAE,SAAS,CAAcE,EAAEC,EAAE,CAAC,KAAK,qBAAqB,YAAY,GAAG,OAAO,YAAY,aAAa,GAAG,UAAU,CAAC,EAAE,QAAQ,oBAAoB,aAAa,GAAG,SAAsBD,EAAEE,EAAE,EAAE,CAAC,SAAS,6BAA6B,CAAC,CAAC,CAAC,EAAE,+YAA0Y,CAAC,CAAC,EAAeF,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,kHAAmG,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,+CAA+C,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAemB,EAAwBrB,EAAIC,EAAS,CAAC,SAAS,CAAcC,EAAE,IAAI,CAAC,SAAS,snBAAumB,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,uTAAkT,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kNAAwM,CAAC,EAAeF,EAAE,KAAK,CAAC,SAAS,CAAcE,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,qBAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsBA,EAAE,IAAI,CAAC,SAAsBA,EAAE,OAAO,CAAC,MAAM,CAAC,qBAAqB,MAAM,EAAE,SAAS,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2ZAAsZ,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gYAAiX,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,2fAA4e,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,+RAA0R,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,wBAAwB,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,yjBAA0iB,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,uBAAuB,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,4xCAAwwC,CAAC,EAAeA,EAAE,KAAK,CAAC,SAAsBA,EAAE,SAAS,CAAC,SAAS,uBAAuB,CAAC,CAAC,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,kdAA8b,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,sgBAAkf,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,w8BAAo7B,CAAC,EAAeA,EAAE,IAAI,CAAC,SAAS,gTAAgT,CAAC,CAAC,CAAC,CAAC,EACzjiIoB,EAAqB,CAAC,QAAU,CAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,SAAW,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAG,CAAC,EAAE,mBAAqB,CAAC,KAAO,UAAU,CAAC,CAAC",
  "names": ["init_ssg_sandbox_shims", "richText", "u", "x", "p", "Link", "motion", "richText1", "richText2", "richText3", "richText4", "richText5", "richText6", "richText7", "richText8", "richText9", "richText10", "richText11", "richText12", "richText13", "richText14", "richText15", "richText16", "richText17", "__FramerMetadata__"]
}