Industrial Security from Tenable

Additional Info

CompanyTenable, Inc.
Websitehttp://www.tenable.com
Company size (employees)500 to 999

Overview

Digital transformation has replaced perimeter-based environments with a boundaryless mix of modern and traditional devices. Formerly isolated systems, such as ICS and SCADA systems, are now connected to IT networks and even exposed to the public internet, further expanding the attack surface. Many of them were designed with little regard for security in a connected world, and are therefore ill prepared to withstand today’s threats. Identifying and mitigating ICS and SCADA vulnerabilities is vital, yet the approach traditionally used in IT environments – active vulnerability scanning – is a non-starter with sensitive OT assets, because such intrusive probing can impact their performance or even knock them offline.

In response, Tenable has partnered with OT giant Siemens to develop Industrial Security, a solution that delivers continuous asset discovery and vulnerability detection for safety-critical operational networks. Purpose-built for ICS and SCADA systems, the solution uses passive network monitoring, not active scanning, to provide safe and reliable insight into vulnerabilities present on industrial systems. This allows energy, utilities, manufacturing and other companies to mitigate their weaknesses and ensure production continuity. Industrial Security from Tenable supports systems from Siemens, Schneider Electric, Rockwell Automation, Emerson, Honeywell, Progea, WellinTech and many other manufacturers. Supported protocols include BACnet, CIP, DNP3, Ethernet/IP, ICCP, IEC 60870-5-104, IEC 60850, IEEE C37.118, Modbus/TCP, OPC, openSCADA, PROFINET, Siemens S7, and others.

Continuous asset discovery identifies new devices, software, ports/protocols, and connections, so any unexpected additions can be immediately investigated. Passive vulnerability detection uses deep packet inspection to safely detect a wide range of OT vulnerabilities. Criticality scoring helps prioritize remediation.

The solution delivers central visibility across multiple sites/plants by managing and consolidating data from multiple instances. As a result, IT and OT security, plant operations, and compliance teams enhance security, improve asset protection, and strengthen regulatory compliance.

How we are different

This solution is the result of a unique strategic partnership between Tenable and Siemens, which contributed deep OT expertise to its development. Industrial Security from Tenable represents the best of the cybersecurity and OT worlds coming together to deliver a tailor-made ICS & SCADA security offering.


Industrial Security is the industry’s first OT-dedicated passive vulnerability detection solution, and thus the first to provide organizations with a safe and reliable approach to identifying vulnerabilities in their ICS and SCADA systems. By passively analyzing network traffic, it provides continuous visibility into managed and unmanaged assets on the network, and vulnerabilities on those systems.


Organizations with SCADA systems must protect themselves from an increasing number of threats while still maintaining compliance with strict regulatory requirements like the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. Industrial Security helps electric utilities and others ensure the safety of critical infrastructure by continuously monitoring for vulnerabilities, threats, and the compliance and security issues that their SCADA networks face.