As part of the nation's critical infrastructure, providers of electrical utilities must protect their infrastructures from growing cyberthreats. Specificially, they must meet the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection standards.
Tenable's vulnerability, threat and compliance management platform helps utilities ensure the safety and security of critical infrastructure by continuously monitoring the compliance and security of their enterprise and SCADA networks.
Using Nessus®, utilities can:
- Audit operating systems, routers and applications environments subject to NERC CIP for vulnerabilities
- Perform specific vulnerability checks on control systems such as Telvent, Siemens, ABB Ranger, Schneider Electric, and more
- Perform configuration audits of operating system and applications specifically used in control systems such as OSIsoft PI, ABB Ranger, and Siemens
Utilities can employ Tenable Passive Vulnerability Scanner™ (PVS™) to observe any IP-based control system network to monitor changes and trust relationships, discover assets, and assess vulnerabilities without affecting network performance.
The Log Correlation Engine™ (LCE™) gathers netflow, system logs, employee logins, intrusion detection events, file integrity information, and much more across enterprise networks and control system devices for aggregation, forensics, analysis, and correlation.
Using Nessus, utilities have access to Digital Bond's Bandolier project, which has produced audit policies for Nessus and SecurityCenter users to test the configurations of many different types of Unix and Windows control system software.