Operational Technology (OT) Asset management
Good OT asset management relies on a comprehensive and accurate inventory of all hardware and software tha is present in your OT environment.
Between the device and other devices including the protocol used to connect, time of the connection, duration of the
connection, amount of data transferred, physical layer information such as Wi-Fi channel used.
That shows where each device is on the Purdue reference architecture model and the real-time connections that each device makes relative to other devices in other levels of the Purdue model.
including important information such as date, time, type, activities that caused the alert, severity of the alert.
Accessed by the device including the date and time, name of the service, amount of traffic, and transmission characteristics such as latency.
To and from the device including port, description and size of the transfer.
Based on manufacturer reputation, cloud synchronization behavior, connection security, data-at-rest security, malicious domains visited, number of wireless protocols used, malicious behavior, number of open ports, user authentication, threat detected, and vulnerability history.
(CVEs) found on the device including drilldown details such as CVE publish date, attack vector, attack complexity, and whether user interaction is required.
This includes firmware vulnerabilities such as CDPwn.
Another important aspect of OT asset management is ensuring that each device is programmed and configured correctly.
The scope of device discovery extends to your entire environment—from the manufacturing line to the executive suite.
This is important because attackers view your environment as one large interconnected attack surface. Including network switches and firewalls, video cameras, HVAC systems, and more...