ICS Threat Detection and Mitigation

Tenable.ot
Every industrial facility has a network control system composed of purpose-built controllers. These controllers serve as the core of all industrial processes. Without complete visibility, enhanced security, and managed access control, these controllers can be compromised, which can halt the whole organization’s processes. Protecting these controllers has therefore recently become the most important issue to solve.
To solve that issue, we at Watad provide Tenable.ot. It is a cybersecurity solution that protects your industrial network from cyber threats, malicious insiders, and human error. This industrial control system (ICS) security solution focuses on maximizing the safety and reliability of operational environments and delivering situational awareness across all OT assets.
Advantages
Features
1. Asset Tracking
Tenable.ot provides automated asset discovery, visualization capabilities, and a comprehensive, up-to-date inventory of all network assets. Moreover, it provides an active device scanning capability that discovers inactive devices in the network’s “blind” zones and local-only data. The Tenable.ot network asset inventory contains unmatched asset information, tracking asset firmware and OS versions, internal configuration, running software and users, as well as backplane configuration for both IT- and OT-based equipment.
2. Vulnerability Management
Tenable.ot generates risk level reports for every asset in your ICS network. These reports contain scores for how high the risk is, with detailed insight into why and suggestions on how to mitigate these risks. The Tenable.ot risk assessment is based on various parameters (firmware versions, relevant CVEs, proprietary research, etc.), which makes it easier for authorized personnel to identify new vulnerabilities quickly and efficiently and to mitigate them.
3. Configuration Control
When any change is made to a configuration, whether by a user or by malware, Tenable.ot tracks and logs it, whether it was done over the network or directly on the device. It keeps a full history of the changes made on the device over time, and these records contain granular detail such as ladder logic segments, diagnostic buffers, tag tables, etc. This enables authorized personnel to make a backup snapshot of the last known good state for recovery.