Spreadsheets of assets, probably outdated

Maturing with ID

Import your spreadsheets to a relational database and move from ad hoc manual collections to automated updates. Find hidden assets with multiple techniques.

OT and security functions are siloed

Maturing with ID

Gain insight for the OT team into other teams’ activities like firewall changes, anti-malware alerts and failed backups for more complete risk awareness at the local level and vice versa.

Spreadsheets of add/remove programs and firmwares, probably outdated

Maturing with ID

Automate collection and go deeper for critical assets or software packages. Import and track your process code as software titles using file monitoring techniques.

Getting a feed of patches from the OEM, still don’t really know vulnerabilities

Maturing with ID

Patches mean vulnerabilities. Control the frequency of vulnerability updates and see the risk of each asset based on your weighting.

OT is mostly separate from the IT, and we are pretty sure we know the routes to the outside world

Maturing with ID

Know the firewalls rules, visualize communication flows with NetFlow data and capture hidden networks from detailed configuration of each device. Alert yourself to any changes.

A couple of pivot tables or bar graphs generated from those spreadsheets

Maturing with ID

Real time, historical and trend reports that can be run as needed, or schedule and email or place on file shares. Can even be password protected to protect extra sensitive data like a vulnerability report.

Regular automatic collection of asset data available to OT team

Maturing with ID

Get 100% asset inventory using advanced techniques like configuration file ingestion, or database sync to control systems for otherwise hard-to-update assets. Configurations are integrated into other systems as needed for other teams to leverage, keeping the whole enterprise on the same page.

Leverage reporting to not only show we are doing our jobs, but have awareness that key partners (internal or external) are doing theirs

Maturing with ID

Alerts and reports for key processes from DCS AD, firewalls, anti-malware and backup processes. Key event alerts are sent to operator console, NOC or SOC as relevant.

Database of software/firmware per asset

Maturing with ID

100% inventory, key assets even go down to file-level monitoring to find sub-components. Let Industrial Defender deal with heterogenous SBOM formats and reconciling as vendors develop capabilities.

Process to collect vulnerabilities

Maturing with ID

Automate vulnerability identification per asset and provide details to other teams as needed in their own tools.

Using network monitoring to watch known routes for segmentation violations

Maturing with ID

Use configuration alerts to identify teams of unauthorized networks. Send net analytics information to enterprise team for end-to-end visibility.

A couple of reports mostly for internal use or audits

Maturing with ID

All your assets, users, alerts, network analytics details are freely shared with other enterprise tools to help enterprise security. Hundreds of reports already aligned to various standards to help with certification or audit efforts.