OT Assets like a boss

Why should managing your digital OT be more difficult than using social media? The simple reason is, because you are using  inappropriate tools. The solution is not a better spreadsheet.
It’s something entirely different.

Experience the OT-BASE difference

OT-BASE is an asset management platform for organisations in manufacturing and critical infrastructure which are dissatisfied with using Excel to inventory and manage their digital infrastructure.

Without OT-BASE:
Tool-centric workflow

Excel, Visio & wiring diagrams… because you didn’t have anything better

Without OT Base
Configuration details of control networks, PLCs, software versions etc. are scattered across dispersed files. Stored in different folders, on different servers, and locked in silos. Data acquisition is manual, resulting in incomplete and outdated information. Workflow automation is completely missing. It’s like being stuck in the Nineties.

User-centric Workflow

Designed for the way control engineers & admins want to work

Automatic discovery of the identity and configuration of your digital OT assets and networks. Consolidation of OT configuration details in a central platform, accessible by web browser and web services. System details are no longer known to individual engineers only, but are instantly available to every team member and other apps, turning everyone into an expert.

Hardware Inventory

Get a listing of all OT devices, both bare metal and virtualized, that can be filtered by location, device category, IP address and more. Get a listing of all devices of a specific make and model.

Software Inventory

Get a listing of operating systems, software applications, and firmware along with exact version numbers. Get a listing of all software installations for a specific product and version, along with license keys. Identify all devices where a specific software, firmware, OS version is installed within seconds.

Vulnerability Management

See vulnerabilities published in NIST’s National Vulnerability Database that affect your installed base, associated with the software & hardware products you are using, and with individual devices.

Configuration Management

Plan and monitor configuration change with a straightforward workflow. Check configuration change, no matter if planned or unauthorized, by using a change history that is automatically maintained for every device. Use baselines to define and audit reference configurations.

Network Topology

Get accurate and complete interactive network diagrams which allow you to drill down into device configurations and subnets. Focus on layer 2 or layer 3 information by selectively enabling or disabling certain types of metadata.

Data Flow Mapping

Get a realistic picture of the de-facto data flow in your mission-critical networks. Validate protocols and endpoints for actually intended vs. unauthorized traffic. Get alerts on unauthorized data flow. Automatically visualize data flow in interactive UML diagrams.

Location Mapping

Get context information about the location where OT components are installed, be it photos, Google Maps depiction, street address, or Webcam feeds.

Access Control

Allow access to the asset management platform for various user roles and third parties such as contractors, vendors, and consultants with user-definable roles and scopes. Assure that users can only see those parts of your OT infrastructure that they are entitled to.

Multi-language user interface

Does your company operate internationally? Then you will appreciate that the user interface of OT-BASE supports multiple languages. Switch between English, German, Swedish, Mandarin and others with a click of the mouse.

Your OT configuration is more than a bunch of hardware boxes, software, and cables.

OT-BASE turns it into data that you can visualize, analyze, search, and share 

Unlock the configuration data already stored in your devices
Unlike the first generation of ICS asset discovery tools that use passive scanning, OT-BASE Asset Discovery selectively probes endpoints and network gear using legitimate and safe protocols which were intended just for this purpose. This way, OT-BASE can tell you the full story: About your network topology, software products and versions, security patches not installed, firmware versions, device metadata drawn from EDS and GSDML files, and much more.

agentless asset discovery

OT-BASE Asset Discovery is a software-only product (native Windows or Docker container) that discovers your network topology, device identity, hardware and software configuration, and data flow.

small footprint

Hardware requirements for OT-BASE Asset Discovery are low because no realtime processing of network traffic is performed. Install on an existing Windows / Linux / VM platform, or on dedicated Intel NUC.

Selective Probing

Unlike dumb port scanning, selective probing is only done for preselected IP addresses and address ranges and uses legitimate standard interfaces such as SNMP and WMI. It sees configuration data that passive scanning can’t see.

Continous monitoring

Through periodic probing, OT-BASE can alert you about any unauthorized configuration change, catching well-intended silent installs as well as sophisticated cyber attacks.

Integrate OT asset data into your existing software environment

Chances are that there is more than one enterprise application in your organization which also stores OT asset data. Examples are IT asset management systems such as BMC ARS and IBM Maximo. Or service management platforms such as ServiceNow. And you may also want to analyze OT configurations and events using Splunk or QRadar. What you don’t want is to maintain asset information in multiple places.

This is where the REST API of OT-BASE comes in. It opens your OT configuration data up for integration with your existing enterprise software, and for custom app. Watch the video to see how easy it is to export asset data using the ubiquitous JSON format!

Need to inventory IT devices and software as well? OT-BASE can do that for you, too
If you don’t maintain an asset inventory for your IT systems already, there’s no need to purchase an additional, IT-centric solution. OT-BASE can inventory your IT systems just as well. Added benefit: You get the full picture in one solution, and you can integrate overlapping functions such as vulnerability management, thereby boosting efficiency.

backed by policy

Technology alone doesn’t make your OT infrastructure more secure if not backed by a set of sound policies. OT-BASE is fully integrated with a comprehensive OT security program that takes the guesswork out of implementing IEC 62443, ISO 27k, NIST CSF or other standards, and shows you exactly how to complement a powerful OT asset management system with policies, procedures, and metrics. It’s called the Simple Cyber Governance Program (SCGP) and it’s used for years in multiple critical infrastructure sectors, including nuclear.

The Simple Cyber Governance Program shows you in detail, step by step, how to arrive at sustainable OT security, and how to leverage OT-BASE for maintaining a solid cyber security posture.

Priced around Customer value

OT-BASE is licensed based on volume. You pay for your number of digital devices, regardless of the number of users, number of networks, number of sites. Devices are: Computers (bare metal or virtualized), network switches, PLCs, RTUs etc. Devices are not: Interface cards, I/O modules, keyboards etc.

License fee per device degrades with the number of devices. The more devices you manage with OT-BASE, the lower the cost per device. Best of all, if you manage multiple sites with OT-BASE, license fees are calculated based on the cummulative number of devices, not based on the number of devices per site.

Why we invented the world’s first full-fledged OT asset management platform
For twenty years we did little else but help asset owners in multiple industries to protect their plants against sophisticated cyber-physical attacks. The fundamental problem we encountered over and over again was a blatant lack of appropriate digital system documentation. As a result, assessment projects took much longer than needed, and always turned up serious vulnerabilities in system design that could have been avoided if appropriate documentation had been available.

We spent several years working on the concepts of an asset management platform purpose-built for digital operations technology which would fix all these issues. Based on a system model that is built from metadata rather than from content. Then, we turned concepts into reality, making sure that control system engineers and IT experts alike would actually love the resulting product:

The OT-BASE asset management platform.