Use Splunk for OT/ICS security
One analytical platform for IT and OT
Asset data you can search in Splunk using the OT-BASE Technical Add-on:
Asset type (e.g. PLC, RTU, network switch, computer, actuator, …)
Installed OS/Firmware version
Installed software applications
Installed security patches
Asset IP & MAC addresses
Layer 1 network connectivity & VLANs
Layer 3 network connectivity
Asset network exposure (private/public)
Machine association (e.g. “Packaging unit 2”)
Date of configuration changes
OT vulnerability management, easier than ever before
If you are using Splunk Enterprise Security, your OT vulnerabilities will automatically show up in Vulnerability Center.
If you are not using Splunk Enterprise Security, your can still check OT vulnerabilities in the vulnerability dashboard that comes with the OT-BASE Technical Add-on. Drill down into NIST CVE description pages, correlation searches, device lookups.