Infra­structure Security

We do not deal with the installation or maintenance of measurement and control technology. However, we know from experience that OT components have completely different requirements in terms of availability and therefore also require different processes. And this is where our expertise comes into play: Just because one of your OT devices has a vulnerability that has not been fixed is no reason to patch it or even install anti-virus software. The latter is generally prohibited due to the requirements of real-time operating systems, the former due to the necessary availability.

Instead, the ensec experts implement a zone model in your OT environment. Firewalls not only separate the OT environment from the IT environment if they share transport routes. Zones also protect devices from each other within the production environment. So even if, for example, a PLC is infected with malware, it is still not possible to access the engineering workstation. We define the zones together with you after our specialists have conducted an inventory to determine what belongs to OT and what needs to be included.
You can find out more about our OT services here.

Traditional IT environments today are generally complex structures: various products from a wide range of manufacturers not only need to be operated, but also kept under control. Automated vulnerability management is the only viable approach here. Otherwise, your IT specialists will invest a disproportionate amount of effort in determining the need for protection and the necessary steps.

The ensec specialists will advise you on the right way to integrate vulnerability management into your environment. For example, whether the whitebox approach, in which vulnerabilities are searched for based on a complete overview of the inventory, is the right way to go. Or whether agents on end devices should provide reports on the status of the systems. And, of course, we can also help you secure cloud infrastructures and select the right tools for you.

We integrate the vulnerability management solution into your environment based on the rules formulated by your CISO. Regardless of whether this involves a scanner, agents on end devices or the aforementioned approach based on the inventory. If necessary, we also develop the necessary changes to the configurations of web application firewalls (WAF) or intrusion prevention systems (IPS) in order to scan services operated behind these components.

Vulnerability management is more than just a collection of software tools. Rather, internal processes must also be established to eliminate the gaps discovered. For example, to define who remedies which risks, when and why. The ensec experts not only help you to set up the necessary reporting, but also to interpret the reports.

We also help you to assess individual risks – always depending on the respective network zones – and to identify your sensitive data. Based on this information, we then work with your team to prioritise how to deal with the respective weak points.

In the event of a data leak, it is these processes in particular that tell data protection officers how professionally the affected organisation has prepared for a data outflow. The better the preparation, the lower the fines that are usually triggered by GDPR breaches.