SCADA Security


Securing SCADA systems is nearly impossible. Internet connectivity continues to permeate into traditional closed, proprietary systems that employ many types of devices, from different manufacturers. These devices may be located in insecure locations. Now reachable online, the devices are susceptible to vulnerabilities and attacks such as Stuxnet and Duqu. Some systems may even be considered 'unscannable' because of their critical operational function.

Tenable's integrated approach to security and risk offers unparalleled visibility into the security posture of corporate and SCADA infrastructures.

Scanning SCADA Systems for Vulnerabilities

Tenable offers a layered approach to scanning SCADA systems and devices:

  • The Nessus vulnerability scanner performs both uncredentialed and credentialed scans of SCADA systems for a wide range of vulnerabilities.
  • Specific SCADA plugins are available through a partnership with Digital Bond. These plugins discover and scan SCADA devices for known and newly-discovered vulnerabilities.
  • Tenable Passive Vulnerability Scanner monitors network traffic for potential problems. Passive scanning is invaluable for devices considered 'unscannable' and offers coverage not available through active scanning technology alone.

Policy Audits for NERC CIP Compliance

Nessus audits compliance with configuration policies and best practices for securing SCADA environments. In the US, compliance scans can include audit policies for NERC Critical Infrastructure Protection (CIP) policies, created by partner Digital Bond through a project funded by the US Department of Energy. Learn more about the Bandolier project and Digital Bond.

Unified Security Monitoring and SCADA Security

Adding Tenable SecurityCenter and Log Correlation Engine to Tenable's active and passive scanning solutions creates a unified security monitoring environment for SCADA environments. Log Correlation Engine analyzes device logs for anomalies, threats, and network forensics information. SecurityCenter schedules and manages scans and analyzes information from all solutions for continuous, real-time insight into security.

Have questions or need more information about Tenable's SCADA security solutions? Check out:

Try Nessus

Discover the solution that's right for you.

Try Now

Compare SecurityCenter Editions

See what version of SecurityCenter is right for you.


Demo SecurityCenter

Schedule an enterprise evaluation of SecurityCenter to see your security and compliance information in a new way.

Schedule a Demo