ICS Threat Detection and Mitigation



Tenable.ot

Every industrial facility has a network control system composed of purpose-built controllers. These controllers serve as the core of all industrial processes. Without complete visibility, enhanced security, and managed access control, these controllers can be compromised, which can halt the whole organization’s processes. Protecting these controllers has therefore recently become the most important issue to solve.
To solve that issue, we at Watad provide Tenable.ot. It is a cybersecurity solution that protects your industrial network from cyber threats, malicious insiders, and human error. This industrial control system (ICS) security solution focuses on maximizing the safety and reliability of operational environments and delivering situational awareness across all OT assets.




Advantages

  • Gain full visibility of IT/OT operations by eliminating blind spots that can later give rise to threats and that can cross between IT and OT.
  • Use multiple detection methodologies to detect and mitigate threats that impact industrial operations.
  • Gain deep knowledge and situational awareness of IT/OT assets.
  • Identify vulnerabilities and threats before they become exploits.
  • Track configuration modifications with full audit trail capabilities.


Features

    1. Asset Tracking

    Tenable.ot provides automated asset discovery, visualization capabilities, and a comprehensive, up-to-date inventory of all network assets. It also provides an active device scanning capability that discovers inactive devices in the network’s “blind” zones, as well as local-only data. The Tenable.ot network asset inventory contains unmatched asset information: it tracks asset firmware and OS versions, internal configuration, running software and users, as well as backplane configuration for both IT- and OT-based equipment.



    2. Vulnerability Management

    Tenable.ot generates risk-level reports for every asset in your ICS network. These reports contain scores for how high the risk is, with detailed insight into why, and suggestions on how to mitigate these risks. The Tenable.ot risk assessment is based on various parameters (firmware versions, relevant CVEs, proprietary research, etc.), which makes it easier for authorized personnel to quickly and efficiently identify new vulnerabilities and mitigate them.



    3. Configuration Control

    Whenever a configuration change is made, by a user or by malware, Tenable.ot tracks and logs it, whether it was made over the network or directly on the device. It keeps a full history of the changes made to the device over time, with granularity down to ladder logic segments, diagnostic buffers, tag tables, etc. This enables authorized personnel to make a backup snapshot of the last known good state for recovery.