A new generation of xIoT asset discovery & risk assessment
The Phosphorus Unified xIoT Security Management Platform is powered by the industry’s first and only scalable Intelligent Active Discovery (IAD) engine that is fast, accurate, and safe, across a wide variety of Cyber-Physical System asset classes including Office/Workplace IoT devices, OT and ICS devices, IoMT devices, IIoT devices, and other IPv4 or IPv6-enabled embedded devices. The patented Phosphorus IAD approach intelligently calibrates the platform’s device interactions, dynamically adjusting discovery parameters such as probe sequencing, packet rates, ports in scope, and more – while ensuring that assets are fully classified with speed, safety, and minimal network impact.
A tale of two xIoT discovery approaches
Legacy passive discovery solutions are dependent on network monitoring to perform discovery, resulting in limited visibility, inaccurate inventory, long mean-time-to-inventory, and high network performance impact. Legacy active solutions fail with xIoT assets primarily because of their intrusive, brute-force device polling approaches that result in disrupted or dramatically degraded operations.
DISCOVERY APPROACHES
Overwhelms devices, often causing harm and interruption.
Often results in lower confidence & speculation. Not sufficient for device remediation.
SPANs & TAPs—requiring big network switching investments.
Slow, complex, error-prone, costly, and manual.
No built-in remediation. Can only isolate using VLANs, which is complex & expensive.
DISCOVERY Approach
No reckless scanning. Only safe and intelligent active xIoT discovery using native device protocols.
No guesswork here. 99% = 0%. 100% device certainty the first time.
Software-based and agentless. Can be deployed on-prem or in the cloud in minutes.
Discovers faster, uses fewer resources, & collects more granular data. Scalable for the largest enterprise environments.
Goes beyond discovery to full risk remediation for passwords, firmware, certificates, insecure configurations.
Fast discovery with immediate results
Time-to-discovery for select xIoT customer environments:
Global 500 machinery & robotics conglomerate
xIoT Discovery across an OT site (1,778 IPs) was accomplished in about 4 minutes.
Leading agricultural machinery manufacturer
xIoT Discovery across a select customer network was accomplished in about 8 minutes.
Leading managed healthcare consortium
xIoT Discovery across a select customer network was accomplished in about 11 minutes.
Large American energy & exploration company
xIoT Discovery across a select customer network was accomplished in about 12 minutes.
Global economic zone and smart city
xIoT Discovery across the 10.1.0.0/16 network (~65k IPs) was accomplished in about 18 minutes.
Global financial services company
xIoT Discovery across a range of 1.2 Million IPs was accomplished in about 6 hours 40 minutes.
Accurate to an x-I-o-T
Have confidence in your network discovery. Phosphorus Intelligent Active Discovery is evidence-based – no guesswork required. By collecting deep, granular device metadata, IAD provides 100% device certainty the first time, every time.
Covers a vendor list a mile long…
- Phosphorus covers more than 500 different IoT, OT, IoMT, and IIoT device vendors and manufacturers.
- The patented Phosphorus “Genus-Species” approach means that more than 1 Million different device models are covered.
…and growing.
- Phosphorus’s extensible xIoT Breach Prevention platform can add net-new capabilities, ultra-fast.
- Net-new xIoT device coverage can be added in a matter of hours, regardless of the type or vendor.
Minimal impact. Maximum results.
Phosphorus Intelligent Active Discovery is far more efficient than legacy solutions that strain network resources. Our IAD solution has no network performance impact and sends a fraction of the traffic compared to legacy passive solutions.
Finally. xIoT discovery that’s safe.
Devices are fully classified with ZERO disruption.
Customized Discovery Agendas for a tiered sequence of probes ensuring safety.
Safely discover even the most sensitive, legacy, and critical OT, ICS, and IoMT devices.
xIoT asset attributes in high resolution
Think fast because we’re throwing a lot at you. Get more device metadata and context than ever, including the make, model, firmware version, and whether or not that device is still supported or end-of-life.
Beyond device detail, you’re going to see the state of things with in-depth Risk Assessment info as part of the device interrogation process.
Default Passwords
Device is still running default passwords.
Insecure Configuration
Device is running with an insecure configuration.
Vulnerable Firmware
The active firmware version has known vulnerabilities.
Out-of-Date Firmware
A newer firmware version is available.
Password Reset
Suspected device tampering as device password was reset to default out of band.
Firmware Changed
Suspected device tampering as firmware version was changed out of band.
Discontinued Device
Device has been marked End-of-Life or Discontinued by the manufacturer.
Expired Certificate
Device certificate needs renewal or replacement.
Prohibited Device
Device prohibited by the United States Government was discovered.
See Phosphorus in Action
Request a demo to learn how we can help you eliminate the xIoT security gap with the only enterprise xIoT remediation platform.