A complete ICS risk assessment

Identify & prioritize vulnerabilities.

With an ICS Security Risk Assessment, you will know which devices are most vulnerable to attack, helping you prioritize your risk mitigation plans and better comply with regulatory frameworks that require you to identify and prioritize all vulnerabilities.

The Armis Agentless Device Security Platform automatically performs an ICS Security Risk Assessment for each device in your environment. The risk assessment includes an overall risk score for each device along with detailed information about the factors that make up each device’s risk profile.

Device specific OT communication risks.

Most OT environments are modeled after the Purdue reference architecture which shields vulnerable OT devices from attack by limiting their connections. But in practice, the Purdue model is often implemented imperfectly. There are often many loopholes and segmentation violations.

The Armis Platform provides visibility to devices on levels 0 through 5 of the Purdue reference architecture, including the connections between all devices. This visibility lets you identify risky connections and violations in your environment.

Specific ICS risk insights.

Once The Armis Platform has been deployed in your environment, you will be able to quickly build queries that will let you create reports which answer questions such as:

Do I have any HMI’s running Windows that are vulnerable to WannaCry?
Do I have any devices running VxWorks that are vulnerable to URGENT/11 attacks?
Are any of the switches on my ICS segment vulnerable to CDPwn?

Non-disruptive. Easily deployed.

The Armis ICS Security Risk Assessment does not use disruptive network scans or device probes. It uses only passive monitoring technologies, so there is no possibility of harm to your environment. The Armis Platform analyzes network traffic and compares what we see to over 2 billion devices in our Device Knowledgebase. You now have complete information about every device in your environment.