At the heart of every industrial facility is a network of industrial control systems which is comprised of purpose-built controllers. Sometimes known as Programmable Logic Controllers (PLCs) and Remote Terminal Units (RTUs), these controllers are dedicated industrial devices that serve as the bedrock of all industrial processes. Today’s sophisticated Operations Technology (OT) environments have a large attack surface with numerous attack vectors. Without complete visibility, security and control across the converged IT and OT, the likelihood of getting attacked is not a matter of ‘if’; it’s a matter of ‘when’. Tenable.otTM protects industrial networks from cyber threats, malicious insiders, and human error. From threat detection and mitigation to asset tracking, vulnerability management, and configuration control, our Industrial Control System (ICS) security capabilities maximize the safety and reliability of operational environments. The solution delivers situational awareness across all sites and their respective OT assets – from Windows Servers to PLC backplanes in a single pane of glass.
- Gain full visibility across converged IT/OT operations. Eliminate blind spots which can harbor lateral threats that can traverse IT and OT.
- Detect and mitigate threats that impact industrial and critical operations by leveraging multiple detection methodologies.
- Identify and track IT and OT assets. Gain deep knowledge and situational awareness into the operation and state.
- Reduce risk by identifying vulnerabilities and potential threats before they become exploits and impact industrial operations.
- Track configuration changes with full audit trail capabilities. Determine whom, what and why changes were made as well as the result of those changes.
Tenable.ot provides complete enterprise visibility by integrating with Tenable.sc as well as leading IT security tools, such as SIEM, other activity reporting tools, Next Generation Firewalls, vulnerability management tools and more. The platform also shares information with CMDB, asset inventory platforms, change management tools and more. Our RESTful API is designed to facilitate extraction of data even to proprietary tools, giving a more coherent view of the IT & OT environments in a single pane of glass.
Threat Detection and Mitigation
Tenable.ot detects and alerts about threats coming from external and internal sources – whether human or malware based. Leveraging multidetection methodologies Tenable.ot identifies anomalous network behavior, enforces network security policies and tracks local changes on devices. This enables organizations to detect and mitigate risky events in OT environments. Context-aware alerts include extended information and a comprehensive audit trail for fast incident response and forensic investigations.
including Workstations, Servers, HMIs, Historians, PLCs, RTUs, IEDs and network devices. Active device scanning capabilities enable the discovery of dormant devices in the network’s “blind” zone and local-only data. The inventory contains unparalleled asset information depth – tracking firmware and OS versions, internal configuration, running software and users, as well as serial numbers and backplane configuration for both IT and OT based equipment.
Drawing on our comprehensive and detailed asset tracking capabilities, Tenable.ot generates risk levels for every asset in your ICS network. These reports include risk scoring and detailed insights, along with mitigation suggestions. Our vulnerability assessment is based on various parameters such as firmware versions, relevant CVEs, proprietary research, default passwords, open ports, hotfixes installed and more. This enables authorized personnel to quickly identify new vulnerabilities and efficiently mitigate risk factors in the network.
Tenable.ot tracks and logs all configuration changes executed by a user or by malware, whether over the network or directly on the device. It provides a full history of changes made to device configurations over time, including granularity of specific ladder logic segments, diagnostic buffers, tag tables and more. This enables users to establish a backup snapshot with the “last known good state” for faster recovery and demonstrate compliance with industry regulations.
INTEGRATION WITH TENABLE.SC
Tenable.ot data can be imported into Tenable.sc for comprehensive visibility of the converged IT/OT attack surface:
- Nessus scanners managed by Tenable.sc can discover and thoroughly assess IT-based assets
- Report and dashboard templates present a single pane of glass for IT and OT assets.
- Integrations with Cyber Exposure Technology Ecosystem partners enhance remediation/response processes while utilizing existing investments
Tenable.ot is delivered as an all-in-one turnkey appliance that plugs into the network without the use of agents. It is available in 1U Rack form factor as well as a virtual appliance, while the Sensors come in both rack mounts or DIN-rail mount form factors.
Tenable, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies.