Sectrio

How to Scan The OT Devices Identified and Related Vulnerabilities

there is a question which says how do you scan the ot devices identified in the related uh and the related vulnerabilities so uh i mean great great question because as i was mentioning earlier it’s not always possible to actively probe some of these ot devices especially understanding that their critical nature and their very very time or resource intensive ways how they respond to uh to external uh communications right so there are more than one way we actually uh scan the devices uh one is what we call it as a passive uh scanning so we basically look at all the different uh traffic that comes out uh from these uh endpoints or devices uh through let’s say uh just just uh studying the peak cap of that is coming from the switch or the gateway or of trying to passively monitor it uh running some specific uh uh sdk scripts on uh you know to get the data from its tertiary servers like your historian servers what are the logs that are generating and then mapping out these different sources to identify what are the related vulnerabilities now in certain cases if there are very specific uh in-depth vulnerability assessment that are required uh we do need to have you know we do need to reach out to those devices or at least have a an inventory of what the devices look like uh and then we do look ups on our own end to uh already identified our existing vulnerabilities within our honeypot lab and then map that profile with what our customers have uh so these are several techniques that we use to scan them passively uh with a very low intensive way mapping it to the profiles we already have in the lab and then seeing what are the commonalities between these devices and what we have even if we do not have certain things we kind of use uh you know we kind of use the passive scanning techniques to monitor it conduct the protocol analysis within the solution and then provide results in the form of reports or even alerts uh some cases hopefully that answer the question

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top