Frequently Asked Questions

I already purchased a passive inventory solution. How is ID different?

Industrial Defender builds in a wide variety of hardware, firmware and software data collection methods, including active, agentless and passive options, into one sensor. Our solution provides features that a passive solution can’t, including:

Device Configuration Data

System Access & Authentication

Firewall Information & Events

Asset Resource Utilization & Status

Device Configuration Data

Installed firmware and software inventory, including versions
OS, including vulnerabilities and patches installed
File integrity monitoring
Open ports and services
Policies modified
Removable media installed
Malicious code detected/AV
Failure of event logging
Serial number

Learn more

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

System Access & Authentication

Successful and failed login attempts
Generic and shared user accounts
Local and A/D accounts
Password parameters and age
User account locked
Policies modified
Privilege raised
Failure of event logging

Learn more

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

Firewall Information & Events

Firewall rules, including change detection
Blocked execution (packet)
Blocked unauthorized file
Policies modified

Learn more

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

Asset Resource Utilization & Status

CPU usage over time
RAM usage over time
Disk space
Swap space
Connectivity lost
Shutdown
Rebooted and boot checksum
Backup failure

Learn more

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

We can also ingest data from your passive monitoring solution to give you more granular asset data and better SIEM integrations.

How is compliance reporting with Industrial Defender different?

Our one-click compliance reporting for 50+ international standards and regulations gives you all the information you need to prove compliance with your standard. We help 8 of the top 10 utilities in the UnitedStates stay compliant with the most stringent standard in the world, NERC CIP.

I run our SOC. What does ID do for me?

SOC analysts love us! Our solution provides the contextual asset intelligence they need to act on threat intelligence and security alerts. If you are a Splunk user, check out our Splunk integration. It’s the best in the OT space:

https://www.industrialdefender.com/industrial-defender-splunk/

Is this a point solution for OT?

No, Industrial Defender is a comprehensive OT security platform offering asset visibility, asset management, vulnerability management, security monitoring and compliance reporting in one UI.

Do you have an API?

Yes, we have a comprehensive API that connects with almost anything you need it to! For more information on our data sharing capabilities, checkout our integrations data sheet: https://www.industrialdefender.com/integrations-data-sheet/

Can ID integrate with my enterprise CMDB?

Yes, we have comprehensive integration options with ServiceNow, IBM, BMC and more.

I have Qualys and Nessus, why would I need another vulnerability management platform?

OT environments are both unique and sensitive. Performing those types of scans in operational systems is both risky and incomplete. Our scanless, cloud-based offering, Immunity by ID, leverages machine learning and natural language processing to create a prioritized list of vulnerabilities using existing asset inventory information. Learn more about Immunity here: https://www.industrialdefender.com/immunity-by-industrial-defender/

Will I be able to show my SOC team that our OT systems are secure, without giving them access?

Yes, our comprehensive APIs share any data our system collects with your SIEM of choice.

How can I position the solution to get buy in from the executive team?

We recommend pitching OT cybersecurity investments in terms of risk reduction and TCO. Industrial Defender can help you consolidate multiple point solutions for visibility, security and compliance into one tool.Because of our turnkey deployments, scalable infrastructure and team of experts, we have the lowest TCO in the industry. If you need help quantifying risk, we’ve created this helpful risk calculator: https://www.industrialdefender.com/risk-calculator-request/

I just need a portion of the ID platform. Do I have to buy the whole thing?

No, both Illuminate and Immunity can be purchased as standalone solutions. You can also individually license ID core components based on your needs.

Can I run your product on prem? In the cloud?

Yes, you can run ID on virtual or physical machines or in the cloud. We also offer a hosted managed service, CopilOT, to help augment your security team.

What resources do I need to deploy ID?

Our solution is simple enough that you can manage it yourself. If you need help managing the tool, we also offer a wide range of Professional Services to help. https://www.industrialdefender.com/professional-services/

I already purchased a passive inventory solution. How is ID different?

Device Configuration Data

System Access & Authentication

Firewall Information & Events

Asset Resource Utilization & Status

Device Configuration Data

Installed firmware and software inventory, including versions
OS, including vulnerabilities and patches installed
File integrity monitoring
Open ports and services
Policies modified
Removable media installed
Malicious code detected/AV
Failure of event logging
Serial number

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

System Access & Authentication

Successful and failed login attempts
Generic and shared user accounts
Local and A/D accounts
Password parameters and age
User account locked
Policies modified
Privilege raised
Failure of event logging

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

Firewall Information & Events

Firewall rules, including change detection
Blocked execution (packet)
Blocked unauthorized file
Policies modified

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

Asset Resource Utilization & Status

CPU usage over time
RAM usage over time
Disk space
Swap space
Connectivity lost
Shutdown
Rebooted and boot checksum
Backup failure

*This list is not all encompassing. The data collected varies for each device, dependent upon the manufacturer, model, and version.

We can also ingest data from your passive monitoring solution to give you more granular asset data and better SIEM integrations.

How is compliance reporting with Industrial Defender different?

Our one-click compliance reporting for 50+ international standards and regulations gives you all the information you need to prove compliance with your standard. We help 8 of the top 10 utilities in the United States stay compliant with the most stringent standard in the world, NERC CIP.

I run our SOC. What does ID do for me?

Is this a point solution for OT?

No, Industrial Defender is a comprehensive OT security platform offering asset visibility, asset management, vulnerability management, security monitoring and compliance reporting in one UI.

Do you have an API?

Can ID integrate with my enterprise CMDB?

Yes, we have comprehensive integration options with ServiceNow, IBM, BMC and more.

I have Qualys and Nessus, why would I need another vulnerability management platform?

Will I be able to show my SOC team that our OT systems are secure, without giving them access?

Yes, our comprehensive APIs share any data our system collects with your SIEM of choice.

How can I position the solution to get buy in from the executive team?

Can I run your product on prem? In the cloud?

Yes, you can run ID on virtual or physical machines or in the cloud. We also offer a hosted managed service, CopilOT, to help augment your security team.

What resources do I need to deploy ID?

FAQ

Device Configuration Data

System Access & Authentication

Firewall Information & Events

Asset Resource Utilization & Status

Device Configuration Data

System Access & Authentication

Firewall Information & Events

Asset Resource Utilization & Status

Request Your Demo

Asset Visibility & Management

Vulnerability Management

IT/OT Collaboration

Compliance Reporting

Stay up to date.

PRODUCTS

SERVICES

SOLUTION BY TYPE

SOLUTION BY FUNCTION

SOLUTION BY INDUSTRY

RESOURCES

COMPANY

SOLUTIONS

PLATFORM

INDUSTRIES

RESOURCES

COMPANY

SUPPORT

REQUEST DEMO

FAQ

Request Your Demo

Asset Visibility & Management

Vulnerability Management

IT/OT Collaboration

Compliance Reporting

Stay up to date.

PRODUCTS

SERVICES

SOLUTION BY TYPE

SOLUTION BY FUNCTION

SOLUTION BY INDUSTRY

RESOURCES

COMPANY