CINXE.COM

<!DOCTYPE html><html data-wf-domain="www.nozominetworks.com" data-wf-page="6545247d392723f0e478ffbe" data-wf-site="645a4534705010e2cb244f50" lang="en" data-wf-collection="6545247d392723f0e478ff17" data-wf-item-slug="importance-of-iot-ot-endpoint-detection-in-security"><head><meta charset="utf-8"/><title>The Importance of Physical Access Endpoint Detection</title><meta content="Nozomi Networks Labs publishes host-based cyber threat research behind our newly released endpoint security sensor, Arc." name="description"/><meta content="The Importance of Physical Access Endpoint Detection in OT & IoT" property="og:title"/><meta content="Nozomi Networks Labs publishes host-based cyber threat research behind our newly released endpoint security sensor, Arc." property="og:description"/><meta content="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID.jpeg" property="og:image"/><meta content="The Importance of Physical Access Endpoint Detection in OT & IoT" property="twitter:title"/><meta content="Nozomi Networks Labs publishes host-based cyber threat research behind our newly released endpoint security sensor, Arc." property="twitter:description"/><meta content="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID.jpeg" property="twitter:image"/><meta property="og:type" content="website"/><meta content="summary_large_image" name="twitter:card"/><meta content="width=device-width, initial-scale=1" name="viewport"/><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/css/nozomi-2023.5a461d78a.min.css" rel="stylesheet" type="text/css"/><link href="https://fonts.googleapis.com" rel="preconnect"/><link href="https://fonts.gstatic.com" rel="preconnect" crossorigin="anonymous"/><script src="https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js" type="text/javascript"></script><script type="text/javascript">WebFont.load({ google: { families: ["Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic","Vollkorn:400,400italic,700,700italic","Merriweather:300,300italic,400,400italic,700,700italic,900,900italic","Open Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic","Oswald:200,300,400,500,600,700"] }});</script><script type="text/javascript">!function(o,c){var n=c.documentElement,t=" w-mod-";n.className+=t+"js",("ontouchstart"in o||o.DocumentTouch&&c instanceof DocumentTouch)&&(n.className+=t+"touch")}(window,document);</script><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65dca135c2a0377136b5d42b_NN-Favicon-32x32px.png" rel="shortcut icon" type="image/x-icon"/><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65dca12dbfa711f6599f64a5_NN-Favicon-256x256px-white.png" rel="apple-touch-icon"/><link href="https://www.nozominetworks.com/blog/importance-of-iot-ot-endpoint-detection-in-security" rel="canonical"/><script async="" src="https://www.googletagmanager.com/gtag/js?id=G-XPDLLMSMHQ"></script><script type="text/javascript">window.dataLayer = window.dataLayer || [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());gtag('set', 'developer_id.dZGVlNj', true);gtag('config', 'G-XPDLLMSMHQ');</script><script id="jetboost-script" type="text/javascript"> window.JETBOOST_SITE_ID = "clj7g82ou015p0qp589h903v7"; (function(d) { var s = d.createElement("script"); s.src = "https://cdn.jetboost.io/jetboost.js"; s.async = 1; d.getElementsByTagName("head")[0].appendChild(s); })(document); </script> <style> .image-div-fit { object-fit: cover; object-position: bottom left; } .image-div-fit-related { object-fit: cover; object-position: bottom left; } .image-div-fit-blog { object-position: center!important; } .code-snippet { padding: 40px; background-color: #efefef; width: 100%; overflow-wrap: anywhere; font-family: Courier New; } .footer-subscribe-embed-box .hs-form-private { display: block!important; } .footer-subscribe-embed-box label { margin-bottom: 5px; color: #fff; font-family: Montserrat; font-weight: 400; } .footer-subscribe-embed-box .hs-input { padding: 10px; border-radius: 5px; font-family: Montserrat; font-size: 14px; border: 0px; width: 95%; min-width: 275px; margin-right: 10px; } .footer-subscribe-embed-box .hs-fieldtype-checkbox { margin-top: 15px; } .footer-subscribe-embed-box li .hs-input { min-width: 0px!important; width: 15px; list-style-type: none; } .footer-subscribe-embed-box .inputs-list { padding-left: 0px; list-style-type: none; } .sidebar-newsletter-box .hs-fieldtype-checkbox { margin-top: 15px; } .sidebar-newsletter-box li .hs-input { min-width: 0px!important; width: 15px; list-style-type: none; font-weight: 400; font-size: 12px; } .sidebar-newsletter-box .inputs-list { padding-left: 0px; list-style-type: none; } .footer-subscribe-embed-box .is-placeholder { padding-bottom: 8px!important; } .footer-subscribe-embed-box .hs-input option { padding-bottom: 0px!important; } .sidebar-newsletter-box .hs-input { padding: 10px; border-radius: 5px; font-family: Montserrat; font-size: 11px; border: 0px; width: 95%; margin-right: 10px; } .sidebar-newsletter-box .hs-error-msg { font-size: 12px; font-weight: 800; font-family: Montserrat; color: #D13164; } .sidebar-newsletter-box .hs-error-msgs { padding-left: 0px; list-style-type: none } .sidebar-newsletter-box label { font-family: Montserrat; color: #fff; font-weight: 400; font-size: 12px; } .sidebar-newsletter-box .hs-button { margin-top: 5px; margin-bottom: 10px; font-size: 14px; padding: 10px; padding-left: 20px; padding-right: 20px; color: #fff; background-color: #D13164; border: 0px; font-family: Montserrat; font-weight: 400; border-radius: 20px; box-shadow: 0px 4px 8px rgba(0, 0, 0, 0.3); } .sidebar-newsletter-box .hs-form-private { justify-content: left!important; } .footer-subscribe-embed-box .hs-button { margin-top: 5px; margin-bottom: 10px; font-size: 14px; padding: 10px; padding-left: 20px; padding-right: 20px; color: #fff; background-color: #D13164; border: 0px; font-family: Montserrat; font-weight: 400; border-radius: 20px; box-shadow: 0px 4px 8px rgba(0, 0, 0, 0.3); } .footer-subscribe-embed-box .hs-error-msgs{ padding-left: 15px; color: #D13164; font-family: Montserrat; font-size: 10px; display: block!important; } .footer-subscribe-embed-box .hs-fieldtype-select { margin-right: -12px; } .footer-subscribe-embed-box .submitted-message { max-width: 350px; margin-left: auto; margin-right: auto; font-size: 14px; font-family: Montserrat; text-align: center; color: #fff; font-weight: 700; } .legal-content-section { justify-content: flex-start; display: flex; line-height: 26px; font-family: 'Montserrat'; font-size: 18px; font-weight: 400; } .legal-content-section h5 { margin-top: 10px; font-size: 18px; line-height: 26px; } .legal-content-section li { font-weight: 400; line-height: 24px; margin-bottom: 8px; } @supports (display: flex) { @media screen and (max-width: 480px) { .footer-subscribe-embed-box .hs-form-private { display: block!important; } } } </style> <script> var hsscript = document.createElement("script"); hsscript.src = "https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js"; hsscript.async = 1; hsscript.dataset.apikey = "5105728fe4c8805a36893632a83b6e"; hsscript.dataset.cookieless = 1; hsscript.dataset.autoIdentify = 1; document.getElementsByTagName('head')[0].append(hsscript); </script> <script> document.addEventListener("DOMContentLoaded", function() { var authorElement = document.querySelector('.post-author-text-byline-author'); if (authorElement) { var authorName = authorElement.textContent.trim(); window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'event': 'authorDataReady', 'author': authorName }); } else { console.error("Author element not found"); } }); </script>  <script src=https://cdn.cookielaw.org/scripttemplates/otSDKStub.js type="text/javascript" charset="UTF-8" data-domain-script="1b3a08d1-270d-4dc7-8bd4-239c4aab3143" ></script> <script type="text/javascript"> function OptanonWrapper() { } </script>   <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-NMJG569" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>  <script> window.dataLayer = window.dataLayer || []; </script>  <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!=='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-NMJG569');</script>   <script type="text/javascript" id="hs-script-loader" async defer src="https://js.hs-scripts.com/2724979.js"></script>   <script>void 0===window.navatticQueue&&(window.navatticQueue=[],window.navattic=new Proxy({},{get:function n(t,u,e){return function(){for(var n=arguments.length,t=Array(n),e=0;e<n;e++)t[e]=arguments[e];return navatticQueue.push({function:u,arguments:t})}}}));</script> <script async src=https://js.navattic.com/sdk.js data-key="pkey_cm34kqm5r01wars3b4wc40m5f"></script> <script type="application/ld+json"> { "@context": "https://schema.org/", "@type": "Article", "mainEntityOfPage": { "@type": "WebPage", "@id": "https://www.nozominetworks.com/blog/importance-of-iot-ot-endpoint-detection-in-security" }, "headline": "The Importance of Physical Access Endpoint Detection in OT & IoT", "description": "Nozomi Networks Labs publishes host-based cyber threat research behind our newly released endpoint security sensor, Arc.", "image": { "@type": "ImageObject", "url": "https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID.jpeg", "width": "", "height": "" }, "author": { "@type": "Organization", "name": "Nozomi Networks" }, "publisher": { "@type": "Organization", "name": "https://www.nozominetworks.com/", "logo": { "@type": "ImageObject", "url": "https://assets-global.website-files.com/645a4534705010e2cb244f50/647cdfc8e9b140d6c4dd4877_nozomi-logo.svg", "width": "", "height": "" } }, "datePublished": "Oct 21, 2024", "dateModified": "Oct 21, 2024" } </script> <style> .has-fixed-layout td { padding: 10px; text-align: left; font-size: 12px; } .has-fixed-layout th { text-align: left; } .has-fixed-layout tr { padding-bottom: 15px; } .has-fixed-layout table { padding-bottom: 30px; } .post-body-rich-text-block .w-embed { font-family: Montserrat; font-size: 16px; margin-bottom: 20px; line-height: 26px; font-weight: 400; } figcaption { font-size: 12px; } } .author-collection-list-item::after { content: ',' ; display: inline-block; } .author-collection-list-item:nth-last-child(2)::after { content: 'and'; } .author-collection-list-item:last-child::after { content: ''; } </style><script type="text/javascript">window.__WEBFLOW_CURRENCY_SETTINGS = {"currencyCode":"USD","symbol":"$","decimal":".","fractionDigits":2,"group":",","template":"{{wf {\"path\":\"symbol\",\"type\":\"PlainText\"} }} {{wf {\"path\":\"amount\",\"type\":\"CommercePrice\"} }} {{wf {\"path\":\"currencyCode\",\"type\":\"PlainText\"} }}","hideDecimalForWholeNumbers":false};</script></head><body><div class="navigation-full"><section class="announcement-bar"><div class="w-layout-blockcontainer announcement-bar-container w-container"><div class="announcement-bar-text"><strong>Live Demo: The Nozomi Networks Platform in 15 Minutes<br/></strong></div><a href="https://www.nozominetworks.com/resources/live-demo-the-nozomi-networks-platform-in-15-minutes" target="_blank" class="announcement-bar-button w-button">Register Now</a></div></section><div class="navigation-top-banner"><div class="container-navigation top-menu-container w-container"><div class="navigation-link-wrapper top-navigation-link-wrapper"><a href="/academy" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Academy</div></a><a href="/labs" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Labs</div></a><a href="/company/careers" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Careers</div></a><a href="https://partners.nozominetworks.com/English/" target="_blank" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Partner Login</div></a><a href="/support" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Support</div></a><div class="search-bar-container"><form action="/search" class="search w-form"><input class="search-input new-search w-input" maxlength="256" name="query" placeholder="Search our site" type="search" id="search" required=""/><input type="submit" class="search-button new-search-button w-button" value=""/></form></div></div></div></div><div data-collapse="medium" data-animation="default" data-duration="400" data-easing="ease" data-easing2="ease" role="banner" class="navigation w-nav"><div class="container-navigation"><div class="navigation-link-wrapper"><a href="/" class="brand w-nav-brand"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647cdfc8e9b140d6c4dd4877_nozomi-logo.svg" loading="eager" width="Auto" height="Auto" alt="Nozomi logo" class="logo-image"/></a></div><div class="navigation-button-wrapper"><nav role="navigation" class="menu-wrap w-nav-menu"><div data-hover="false" data-delay="0" data-w-id="1ab40eba-a5f5-f7de-7704-089030f70ece" class="dropdown w-dropdown"><div class="nav-toggle w-dropdown-toggle"><div>Platform</div></div><nav class="dropdown-list w-dropdown-list"><div class="w-layout-grid grid dropdown-nav-grid"><div id="w-node-_3ea21f8a-1846-69ab-921e-8e8150a3c30a-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647dee6d3014cdc037112e34_nozomi-platform-menu-icon-1.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header">Platform Overview</h3><p class="nozomi-mega-menu-white-box-paragraph">Our industrial cybersecurity solutions deliver unmatched asset intelligence, threat detection and AI-driven insights.</p><a href="/products" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-_400aa6f7-63fa-cc3f-8563-dc071d4fcba7-30f70ec3" class="nav-dropdown-column-wrapper nav-dropdown-column-wrapper---border-right"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header">MANAGERS</div><a href="/products/vantage" class="nav-link-list-link nav-link-list-tag-wrapper w-inline-block"><div class="nav-list-link-text">Vantage</div><div class="nav-link-list-tag"><div class="nav-link-list-tag-text">Cloud</div></div></a><a href="/products/central-management-console" class="nav-link-list-link nav-link-list-tag-wrapper w-inline-block"><div class="nav-list-link-text">Central Management Console</div><div class="nav-link-list-tag"><div class="nav-link-list-tag-text">On prem</div></div></a><div class="nav-link-list-small-header nav-link-list-small-header---next">SENSORS</div><a href="/products/guardian" class="nav-link-list-link nav-link-list-tag-wrapper w-inline-block"><div class="nav-list-link-text">Guardian</div><div class="nav-link-list-tag"><div class="nav-link-list-tag-text">Network</div></div></a><a href="/products/guardian-air" class="nav-link-list-link nav-link-list-tag-wrapper w-inline-block"><div class="nav-list-link-text">Guardian Air</div><div class="nav-link-list-tag"><div class="nav-link-list-tag-text">Wireless</div></div></a><a href="/products/arc" class="nav-link-list-link nav-link-list-tag-wrapper w-inline-block"><div class="nav-list-link-text">Arc</div><div class="nav-link-list-tag"><div class="nav-link-list-tag-text">Endpoint</div></div></a><div class="nav-link-list-small-header nav-link-list-small-header---next">ENHANCEMENTS</div><a href="/products/vantage-iq" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Vantage IQ</div></a><a href="/products/asset-intelligence" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Asset Intelligence</div></a><a href="/products/threat-intelligence" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Threat Intelligence</div></a><a href="/products/smart-polling" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Smart Polling</div></a></div></div><div id="w-node-d93d606f-7616-665b-d9d6-f2be7c09df30-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647df4835368816567937004_nozomi-platform-menu-icon-2.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header">Professional Services</h3><p class="nozomi-mega-menu-white-box-paragraph">OT and IoT security expertise that speeds solution deployment and maximizes value</p><a href="/professional-services" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-c4efda6a-2861-356b-d552-253f04d97b7b-30f70ec3" class="nav-dropdown-column-wrapper"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header">PROFESSIONAL <br/>SERVICES</div><a href="/professional-services/solution-design" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Design</div></a><a href="/professional-services/solution-deployment" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Deployment</div></a><a href="/professional-services/fast-track-service-packages" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Fast Track</div></a><a href="/professional-services/solution-optimization" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Optimization</div></a><a href="/professional-services/project-management" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Project Management</div></a></div></div></div></nav></div><div data-hover="false" data-delay="0" data-w-id="e1a612db-5ef3-2e1e-ef70-834ad7caa020" class="dropdown w-dropdown"><div class="nav-toggle w-dropdown-toggle"><div>Solutions</div></div><nav class="dropdown-list w-dropdown-list"><div class="w-layout-grid grid dropdown-nav-grid dropdown-nav-grid-solutions"><div id="w-node-e1a612db-5ef3-2e1e-ef70-834ad7caa030-30f70ec3" class="nav-dropdown-column-wrapper nav-dropdown-column-wrapper---border-right nav-dropdown-solutions-wrapper"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header-with-icon-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647df7bf62bc558e18211b85_nozomi-solutions-menu-icon-1.svg" loading="lazy" alt="" class="nav-link-list-small-header-icon"/><div class="nav-link-list-small-header">BUSINESS NEED</div></div><a href="/solutions/iot-ot-asset-inventory-management" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Asset Inventory Management</div></a><a href="/solutions/threat-detection-and-response" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Threat Detection & Response</div></a><a href="/solutions/iot-ot-network-monitoring" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Continuous Network Monitoring</div></a><a href="/solutions/iot-ot-vulnerability-management" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Risk & Vulnerability Management</div></a><a href="/solutions/iot-security" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">IoT Security</div></a><a href="/solutions/data-center-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Data Center Cybersecurity</div></a><a href="/solutions/building-automation-system-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Building Automation System<br/>Cybersecurity</div></a></div></div><div id="w-node-f086dac4-d3e5-963f-9b8e-0ff111f5ae9d-30f70ec3" class="nav-dropdown-column-wrapper nav-dropdown-solutions-wrapper"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header-with-icon-wrapper industry-nav-link-list-small-header"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647df7bf74ced86d0dc1c29c_nozomi-solutions-menu-icon-3.svg" loading="lazy" alt="" class="nav-link-list-small-header-icon"/><div class="nav-link-list-small-header">INDUSTRY</div></div><div class="nav-link-list-two-column-wrapper w-row"><div class="w-col w-col-6 w-col-stack"><a href="/industries/airport-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Airports</div></a><a href="/industries/electric-utilities-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Electric Utilities</div></a><a href="/industries/federal-government" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Federal Government</div></a><a href="/industries/healthcare-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Healthcare</div></a><a href="/industries/manufacturing-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Manufacturing</div></a><a href="/industries/maritime-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Maritime</div></a><a href="/industries/mining-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Mining</div></a></div><div class="column-3 w-col w-col-6 w-col-stack"><a href="/industries/oil-gas-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Oil & Gas</div></a><a href="/industries/pharmaceutical-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Pharmaceutical</div></a><a href="/industries/rail-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Rail</div></a><a href="/industries/retail-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Retail</div></a><a href="/industries/smart-cities-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Smart Cities</div></a><a href="/industries/stadiums-arenas" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Stadiums & Arenas</div></a><a href="/industries/water-wastewater-cybersecurity" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Water &<br/>Wastewater</div></a></div></div></div></div><div id="w-node-_6cc7f1ae-788f-64bd-f869-1683ba23c206-30f70ec3" class="nav-dropdown-column-wrapper nav-dropdown-column-wrapper---border-right nav-dropdown-solutions-wrapper"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header-with-icon-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647df7bfb032786965be445e_nozomi-solutions-menu-icon-2.svg" loading="lazy" alt="" class="nav-link-list-small-header-icon"/><div class="nav-link-list-small-header">COMPLIANCE</div></div><a href="/compliance/isa-iec-62443-standards" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">ISA/IEC 62443 Standards</div></a><a href="/compliance/nerc-cip" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">NERC CIP</div></a><a href="/compliance/nis2-directive-compliance" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">NIS2 Directive</div></a><a href="/compliance/sec-cybersecurity-rules" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">SEC Cybersecurity Rules</div></a><a href="/compliance/tsa-security-directives" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">TSA Security Directives</div></a></div></div></div></nav></div><div data-hover="false" data-delay="0" data-w-id="9a7c8e13-35ed-5514-55fe-acbc3f5fa706" class="dropdown w-dropdown"><div class="nav-toggle w-dropdown-toggle"><div>Partners</div></div><nav class="dropdown-list w-dropdown-list"><div class="w-layout-grid grid dropdown-nav-grid dropdown-nav-grid-partners"><div id="w-node-_73cd8bf4-a1be-55e6-0b6d-dc5f9a824c35-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide partner-mega-menu-box"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647dfde6427cc3addfcd2765_nozomi-partners-menu-icon-1.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Why Partner with Us</h3><p class="nozomi-mega-menu-white-box-paragraph">Our global partner network deploys OT & IoT cybersecurity solutions for customers around the world.</p><a href="/partners" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-_9a7c8e13-35ed-5514-55fe-acbc3f5fa70c-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide partner-mega-menu-box"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647dfea905891930ecca34ac_nozomi-about-menu-icon-1.svg" loading="lazy" alt="" class="partner-menu-icon-1"/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Our Partners</h3><p class="nozomi-mega-menu-white-box-paragraph">Explore all Nozomi Networks partners</p><a href="/partners#our-partners" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-_22c9ad28-eba7-dea8-6747-bc706e91b27b-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide partner-mega-menu-box"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65df8146636482acba9ef204_partner-search-icon.svg" loading="lazy" alt="" class="partner-mega-menu-icon-med"/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Find a Partner</h3><p class="nozomi-mega-menu-white-box-paragraph">Find a certified Nozomi Networks partner in your country.</p><a href="/partners/find-a-partner" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-b6981566-e6b8-35f7-7a13-38fef51a2191-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide partner-mega-menu-box"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64d507342134d4fe7e42c63f_NN-Icons-3-Colors-400x400px_laptop-140.svg" loading="lazy" alt="" class="partner-portal-icon partner-portal-icon-lg"/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Partner Portal</h3><p class="nozomi-mega-menu-white-box-paragraph">Log into the Nozomi Networks partner portal.</p><a href="https://partners.nozominetworks.com/English/" target="_blank" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Log In</div></a></div></div></div></nav></div><div data-hover="false" data-delay="0" data-w-id="7d3ce5f9-6240-b523-6112-039ee7d7c514" class="dropdown w-dropdown"><div class="nav-toggle w-dropdown-toggle"><div>Resources</div></div><nav class="dropdown-list w-dropdown-list"><div class="w-layout-grid grid dropdown-nav-grid dropdown-nav-resources-grid"><div id="w-node-c0f1f060-a76b-da20-975b-6301dc235111-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e083e33848493787fd49d_nozomi-resources-menu-icon-1.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Resource Library</h3><p class="nozomi-mega-menu-white-box-paragraph">Browse OT & IoT security research, guides, videos and more from the Nozomi Networks team.</p><a href="/resources" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">View Resources</div></a></div></div><div id="w-node-b95a8b1c-9b8b-0bf5-6bcc-881812dba420-30f70ec3" class="nav-dropdown-column-wrapper nav-dropdown-resources-columns-wrapper"><div class="nav-link-list-dropdown-wrapper"><div class="nav-link-list-small-header">RESOURCES</div><div class="nav-link-list-two-column-wrapper w-row"><div class="nav-menu-resources-column-1 w-col w-col-6"><a href="/case-studies" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Case Studies</div></a><a href="/content-packs" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Content Packs</div></a><a href="/data-sheets" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Data Sheets</div></a><a href="/guides" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Guides </div></a><a href="/podcasts" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Podcasts</div></a></div><div class="column-4 w-col w-col-6"><a href="/research-reports" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Research Reports</div></a><a href="/solution-briefs" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Solution Briefs</div></a><a href="/videos" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Videos</div></a><a href="/webinars" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">Webinars</div></a><a href="/white-papers" class="nav-link-list-link w-inline-block"><div class="nav-list-link-text">White Papers</div></a></div></div></div></div><div id="w-node-_75fdf6f2-5fd5-5484-f185-d94876eefc91-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647dfea905891930ecca34ac_nozomi-about-menu-icon-1.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">Customer Hub</h3><p class="nozomi-mega-menu-white-box-paragraph">Explore our latest customer resources, including webinars, how-to videos, content packs and more.</p><a href="/customer-resources" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">View Hub</div></a></div></div></div></nav></div><a href="/blog" class="top-nav-link-block w-inline-block"><div class="nav-toggle">Blog</div></a><div data-hover="false" data-delay="0" class="dropdown w-dropdown"><div class="nav-toggle w-dropdown-toggle"><div>Company</div></div><nav class="dropdown-list w-dropdown-list"><div class="w-layout-grid grid dropdown-nav-grid dropdown-nav-grid-company"><div id="w-node-_521dd46f-a407-64a5-dd19-ffaa1e9ebfbe-30f70ec3" class="nav-dropdown-column-wrapper white-box-column-wrapper"><div class="nav-dropdown-white-box-wrapper nav-dropdown-white-box-wrapper---wide"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647dfea905891930ecca34ac_nozomi-about-menu-icon-1.svg" loading="lazy" alt=""/><h3 class="nozomi-mega-menu-white-box-header nozomi-mega-menu-white-box-header---wide">About Nozomi Networks</h3><p class="nozomi-mega-menu-white-box-paragraph">We keep critical infrastructure and operational technology cyber resilient.</p><a href="/company" class="nozomi-mega-menu-white-box-link w-inline-block"><div class="nozomi-mega-menu-white-box-link-text">Learn more</div></a></div></div><div id="w-node-_521dd46f-a407-64a5-dd19-ffaa1e9ebfc8-30f70ec3" class="nav-dropdown-column-wrapper"><div class="nav-link-list-dropdown-wrapper nav-icon-links-grid-wrapper"><div class="nav-icon-links-column-wrapper w-row"><div class="w-col w-col-6"><a href="/company/leadership" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64c93675ed962a0e3b6e45d8_leadership-team-icon.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon"/><div class="nav-icon-links-text">Leadership Team</div></a><a href="/events" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64b57df71e33d8cb8245cbe7_%20events-icon.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon"/><div class="nav-icon-links-text">Events</div></a><a href="/company/newsroom" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64b57df7bb1169138c54ebc8_newsroom-icon.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon"/><div class="nav-icon-links-text">Newsroom</div></a></div><div class="w-col w-col-6"><a href="/company/careers" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64b57df7e2340e9dfe2c628b_careers-icon.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon"/><div class="nav-icon-links-text">Careers</div></a><a href="/customer-testimonials" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64b57df7de423e6e0ba360c1_customer-testimonials.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon"/><div class="nav-icon-links-text">Customer Testimonials</div></a><a href="/company/contact-us" class="nav-icon-links-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64b57df87f088fba967ffc33_contact-us.svg" loading="lazy" alt="" class="nav-icon-links-icon company-links-icon contact-us-menu-icon"/><div class="nav-icon-links-text">Contact Us</div></a></div></div></div></div></div></nav></div><div class="search-bar-container search-bar-container-mobile-nav"><form action="/search" class="search search-bar-container-mobile-nav w-form"><input class="search-input new-search search-input-mobile-nav w-input" maxlength="256" name="query" placeholder="" type="search" id="search" required=""/><input type="submit" class="search-button new-search-button w-button" value=""/></form></div></nav><a href="/demo" class="nav-button hs-cta-trigger-button-hs-cta-trigger-button-152380361226 w-button">Request Demo</a><div class="menu-button w-nav-button"><div class="w-icon-nav-menu"></div></div></div></div></div></div><section class="post-template"><div class="post-template-wrapper w-container"><div class="post-template-columns w-row"><div class="ost-template-body-content-column w-col w-col-9 w-col-stack"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID.jpeg" loading="lazy" alt="The Importance of Physical Access Endpoint Detection in OT & IoT" sizes="(max-width: 479px) 85vw, (max-width: 767px) 91vw, (max-width: 991px) 93vw, (max-width: 1279px) 70vw, 800px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID-p-500.jpeg 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID-p-800.jpeg 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID-p-1080.jpeg 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/646273d10df968af7557644b_Malicious_USB_HID.jpeg 1200w" class="post-featured-image"/><h1 class="post-title">The Importance of Physical Access Endpoint Detection in OT & IoT</h1><div class="post-author-date-wrapper"><div class="post-author-text-byline">by </div><div class="w-dyn-list"><div role="list" class="author-collection-list w-dyn-items"><div role="listitem" class="author-collection-list-item w-dyn-item"><div class="post-author-text-byline post-author-text-byline-author">Nozomi Networks Labs</div></div></div></div><div class="post-author-text-byline post-author-text-byline-separator"> | </div><div class="post-author-text-byline post-author-text-byline-date">March 21, 2023</div></div><div class="post-body-rich-text-block blog-tich-text w-richtext"><p>Given the rising prevalence and sophistication of cyberattacks in today's threat landscape, safeguarding networks against them is essential to maintain the confidentiality, integrity, and availability of critical information assets. While network-based detection and monitoring is crucial for OT/IoT security, it alone cannot provide sufficient protection against multi-level sophisticated cyberattacks. It's essential to implement a comprehensive layered defense strategy that includes host-based detection systems. These systems offer a range of benefits to businesses and organizations by detecting malicious activity that may not be visible in network traffic.</p><p>Nozomi Networks recently released <a href="https://www.nozominetworks.com/products/arc">Arc</a>, an OT/IoT endpoint security sensor that supports more accurate diagnostics of in-progress threats and anomalies, including the identification of compromised hosts with malware, rogue applications, unauthorized USB drives, and suspicious user activity. This level of visibility also allows for the monitoring and analysis of user behavior, which can help identify potential insider threats before they become a major issue. </p><p>In this blog, we share insights into host-based threats, highlight the importance of endpoint detection sensors in securing networks against cyber threats, and explain how these sensors work to detect and respond to potential security breaches. </p><h2>Why Endpoint Detection for OT/IoT?</h2><p>Endpoint protection is particularly critical in OT and IoT because these systems are responsible for controlling and monitoring physical processes such as power generation, oil and gas pipelines, water treatment, and transportation. Any cyberattack on these systems could have severe consequences, including disruptions to critical infrastructure, financial losses, and even loss of life. Unlike IT systems that primarily deal with data processing and storage, OT/IoT endpoints rely on physical equipment and machinery. Therefore, securing these endpoints is crucial to preventing unauthorized access or malicious tampering with the system's operations. Additionally, OT/IoT endpoints often have limited computing resources and may not be regularly updated like typical IT endpoints. This makes them more vulnerable to cyber threats, placing endpoint protection as a top priority in OT/IoT environments.</p><p>Gabriele Webber, product manager behind the Nozomi Arc sensor, stresses the importance of securing OT/IoT endpoints. “As technology continues to advance, so do the methods that hackers use to gain unauthorized access,” he says. “An endpoint security solution helps to prevent these attacks by providing a layer of protection that can detect and block potential threats from within, complementing network monitoring.”</p><h2>Examples of Physical Endpoint Cyber Threats</h2><p>One of the first steps an attacker can take to gain access to a system is through physical access. Attackers can obtain physical access to their target endpoints by exploiting Human Interface Devices (HIDs) such as the special keyboards or mouse, also known as BadUSB devices. These counterfeit HIDs appear physically identical to legitimate ones, but their internal components are modified so that when connected to the targeted computer, malicious code is executed. Once physical access is obtained, they can gain access to more sensitive parts of the system that may not have been visible before.</p><p>Why are threat actors interested in the physical access attack vector, and how are they using these BadUSB devices to obtain physical access A BadUSB device can modify system settings, open backdoors, retrieve sensitive data or do anything that can be achieved with physical access. There are two common threats posed by BadUSBs – key loggers and keystroke injections – which can compromise endpoints. </p><p><strong>Key loggers:</strong> A keylogger is a type of device that records every keystroke made on a computer or mobile device. Once active, the keylogger operates in the background without the user's knowledge, recording all keystrokes and storing or transmitting them. </p><p>Hackers use keyloggers to steal sensitive information such as login credentials. A keylogger can be utilized on an OT/IoT endpoint to acquire log-in credentials for a computing endpoint, like a desktop computer used in an industrial environment. These credentials can then be used in a subsequent keystroke injection attack, which allows the attacker to gain elevated privileges within the system.</p><p><strong>Keystroke injections: </strong>A keystroke injection is a type of cyberattack that involves injecting keystrokes into a computer system to execute unauthorized commands or actions. In this case the BadUSB devices are indeed designed to emulate keyboards and inject keystrokes. The attacker typically pre-programs the BadUSB with a script containing a series of keystrokes that mimic legitimate user inputs. When the device is plugged into the target system, it typically emulates these keystrokes at a rapid pace, executing malicious commands and actions such as installing malware, stealing sensitive data, or taking control of the system. The goal of a rapid execution is to conceal the script from the HID user.</p><p>Keystroke injection attacks can be particularly effective because they bypass traditional security measures such as firewalls and antivirus software. Additionally, they do not require any network connectivity, making them difficult to detect using network monitoring tools.</p><p>While both may be similar, a keystroke injection is an active attack that aims to execute unauthorized commands or actions on a system, while keylogging is a passive technique used for monitoring user activity and stealing sensitive information.</p><h2>Nozomi Networks’ Research</h2><p>USB devices can be an attack vector for OT/IoT because they can be used to introduce malware into the system. In many cases, USB devices are used to transfer data between different systems or to update firmware on ICS devices. However, if a USB device is infected with malware, it can easily spread throughout the network and compromise critical systems. The current challenge that industrial operators are facing is the limited visibility inside critical devices potentially exposed to these types of supply chain compromises. </p><p>To address this challenge, Nozomi Networks Labs has been working on a cutting-edge cybersecurity research project to gain further insight into the problem. By building a compromised BadUSB device which executes a malicious payload once connected to the target machine, this research project provided insights into how to develop a sensor that protects OT/IoT endpoints from BadUSB attacks and other malicious activity.</p><p><strong>Here are a few highlights from our findings:</strong></p><p>• We conducted a thorough analysis of USB traffic, considering factors such as typing speed, keystrokes, and blacklisted or whitelisted words and sentences;</p><p>• The patterns we observed during our study were categorized as either Legitimate or Malicious;</p><p>• We developed features within our Arc sensor that allow it to detect keystroke injections on OT/IoT endpoints by comparing artificial typing traffic to legitimate human typing traffic;</p><p>• We used the Arc sensor to process the traffic and apply detections based on the MITRE Framework;</p><p>• Finally, we created a fully functional demo of USB backdoor attacks that showcased how our Arc sensor can identify malicious activity at the host-level (see Figure 1).</p><p> </p><figure class="w-richtext-align-center w-richtext-figure-type-image"><div><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6715fd66f04ad54e33e57bd1_64f739b2ff63ea13e5a57d21_Figure1.png" loading="lazy" alt="Malicious USB HID detection"/></div><figcaption>Figure 1. Malicious USB HID detection</figcaption></figure><p>‍</p><p>Because of the in-depth research from our Labs team, the Nozomi Networks Arc sensor can detect malicious devices that may appear legitimate to a PC. For example, it can check the typing rate to determine if it is too high to feasibly be a human typing, which is indicative of malicious activity. For additional technical details, read our <a href="https://www.nozominetworks.com/blog/hardware-supply-chain-compromise-in-human-interface-devices-nozomi-networks-hydro-quebec-joint-research">blog</a> on hardware supply chain compromise in HIDs. </p><h2>Advantages of Host-Based Detection for OT</h2><p>One of the biggest issues with OT/IoT is that many devices do not have the ability to detect all potential threats. However, with this type of system, it is possible to complement network visibility with endpoint visibility, tracing data all the way from the end point to the application or service that generated it; which accurately identifies the source and location of any malicious activity. This level of visibility allows organizations to quickly identify and respond to threats, giving them a more proactive approach to cybersecurity.</p><p>Arc also makes it possible for organizations to monitor multiple machines and devices simultaneously, ensuring that any suspicious activity is identified and dealt with quickly. Additionally, this scalability allows for improved threat intelligence gathering capabilities, helping organizations stay ahead of potential attacks.</p><h2>Conclusion</h2><p>Threat actors are becoming increasingly sophisticated in their tactics for targeting OT and IoT endpoints, making it essential for organizations to implement robust security measures to protect against these threats. Attack vectors can come from a variety of sources – from phishing emails to infected BadUSB devices. It's important for organizations to be vigilant and proactive in identifying potential threats before they can cause damage. This includes implementing not only technical solutions such as firewalls and intrusion detection systems, but also developing strong policies around employee behavior and physical access control.</p><p>Protecting OT and IoT endpoints requires a multifaceted approach that considers both technical solutions and human behavior. With the right strategy in place, however, organizations can reduce their risk of falling victim to cyberattacks targeting these critical systems.</p><p>‍</p></div><div class="related-resources-wrapper related-blog-wrapper-1"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="related-resources-item-wrapper"><img alt="" loading="lazy" width="300" height="178" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66a7a4866b515cac0a0941db_Why-OT-Security-Moving-to-Endpoint-FEATURED.webp" sizes="(max-width: 479px) 63vw, 300px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66a7a4866b515cac0a0941db_Why-OT-Security-Moving-to-Endpoint-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66a7a4866b515cac0a0941db_Why-OT-Security-Moving-to-Endpoint-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66a7a4866b515cac0a0941db_Why-OT-Security-Moving-to-Endpoint-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66a7a4866b515cac0a0941db_Why-OT-Security-Moving-to-Endpoint-FEATURED.webp 1200w" class="related-resources-image-thumbnail"/><div class="related-resources-title-link-wrapper"><h2 class="related-resource-item-header">OT Security Is Moving to the Endpoint – Where Humans Interact </h2><div>OT security is moving to the endpoint, where humans interact, to reduce detection time and speed response. Safe, non-disruptive agents engineered for OT endpoints let you correlate user activity and events right away, instead of after commands have been executed on the network. </div><a href="/blog/ot-security-is-moving-to-the-endpoint-where-humans-interact" class="nozomi-button related-resource-button w-button">View Blog</a></div></div></div></div></div></div><div class="related-resources-wrapper related-resources-wrapper-1 w-condition-invisible"><div class="w-dyn-list"><div class="w-dyn-empty"><div>No items found.</div></div></div></div><div class="related-resources-wrapper related-blog-wrapper-1"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="related-resources-item-wrapper"><img alt="" loading="lazy" width="300" height="178" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670ef7c4b0ed23bfff6aca70_Nozomi-Networks-Arc-Expansion-THUMB.webp" sizes="(max-width: 479px) 63vw, 300px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670ef7c4b0ed23bfff6aca70_Nozomi-Networks-Arc-Expansion-THUMB-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670ef7c4b0ed23bfff6aca70_Nozomi-Networks-Arc-Expansion-THUMB-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670ef7c4b0ed23bfff6aca70_Nozomi-Networks-Arc-Expansion-THUMB.webp 1200w" class="related-resources-image-thumbnail"/><div class="related-resources-title-link-wrapper"><h2 class="related-resource-item-header">Endpoint Security for OT & IoT: Protect What IT Agents Can't</h2><div>See how the Nozomi Arc endpoint sensor provides defense in depth where you need it most.</div><a href="/resources/endpoint-security-for-ot-iot-protect-what-it-agents-cant" class="nozomi-button related-resource-button w-button">View Resource</a></div></div></div></div></div></div><div class="related-resources-wrapper related-resources-wrapper-2 w-condition-invisible"><div class="w-dyn-list"><div class="w-dyn-empty"><div>No items found.</div></div></div></div><div class="blog-post-author-wrapper"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="author-section w-dyn-item"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/64a5941f5376a221fffa214e_labs-updatedsicon-300x300.webp" loading="lazy" alt="Nozomi Networks Labs" class="author-image"/><div class="blog-post-author-text-wrapper"><div class="blog-post-author-subheader">ABOUT THE AUTHOR</div><h3 class="blog-post-author-title-name">Nozomi Networks Labs</h3><div class="blog-post-author-bio">Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations. Through our cybersecurity research and collaboration with industry and institutions, we’re helping defend the operational systems that support everyday life.</div></div></div></div></div></div></div><div class="post-template-sidebar-column w-col w-col-3 w-col-stack"><div class="sidebar-blog-posts-wrapper"><h3 class="latest-posts-sidebar-header">RELATED POSTS</h3><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><a href="/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="latest-posts-sidebar-item-link-block w-inline-block"><div class="latest-posts-sidebar-item-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server.webp" loading="lazy" alt="" sizes="(max-width: 479px) 83vw, (max-width: 767px) 86vw, (max-width: 991px) 500px, (max-width: 1919px) 22vw, 287.5px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server.webp 1200w" class="latest-posts-sidebar-image"/><h4 class="latest-posts-sidebar-item-title">Hunting the Mongoose: Discovering 10 Vulnerabilities in the Mongoose Web Server Library</h4></div></a></div><div role="listitem" class="w-dyn-item"><a href="/blog/trust-matters-uncovering-vulnerabilities-in-the-matter-protocol" class="latest-posts-sidebar-item-link-block w-inline-block"><div class="latest-posts-sidebar-item-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 83vw, (max-width: 767px) 86vw, (max-width: 991px) 500px, (max-width: 1919px) 22vw, 287.5px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED.webp 1200w" class="latest-posts-sidebar-image"/><h4 class="latest-posts-sidebar-item-title">Trust Matters: Uncovering Vulnerabilities in the Matter Protocol</h4></div></a></div><div role="listitem" class="w-dyn-item"><a href="/blog/security-flaws-discovered-in-goahead-might-affect-web-servers-over-embedded-iot-devices" class="latest-posts-sidebar-item-link-block w-inline-block"><div class="latest-posts-sidebar-item-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 83vw, (max-width: 767px) 86vw, (max-width: 991px) 500px, (max-width: 1919px) 22vw, 287.5px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED.webp 1200w" class="latest-posts-sidebar-image"/><h4 class="latest-posts-sidebar-item-title">Security Flaws Discovered in GoAhead Might Affect Web Servers Over Embedded/IoT Devices</h4></div></a></div><div role="listitem" class="w-dyn-item"><a href="/blog/flaws-in-espressif-esp-now-allow-attackers-to-replay-communications" class="latest-posts-sidebar-item-link-block w-inline-block"><div class="latest-posts-sidebar-item-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 83vw, (max-width: 767px) 86vw, (max-width: 991px) 500px, (max-width: 1919px) 22vw, 287.5px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED.webp 1200w" class="latest-posts-sidebar-image"/><h4 class="latest-posts-sidebar-item-title">Flaws in Espressif ESP-NOW Allow Attackers to Replay Communications</h4></div></a></div></div></div></div><div class="newsletter-block-wrapper-template"><h3 class="sidebar-newsletter-box-header">Subscribe to our newsletter</h3><div class="sidebar-newsletter-box w-embed w-script"><script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script> <script> hbspt.forms.create({ region: "na1", portalId: "2724979", formId: "a03466a4-e367-45ac-8a9f-8739114a494c" }); </script> <div style="max-width: 350px; margin-left: auto; margin-right: auto;"><a href="https://www.nozominetworks.com/legal/privacy-policy" target="_blank" style="font-size: 10px; line-height: 18px; color: #F5F5F7; font-family: Montserrat;">View our Privacy Policy</a></div></div></div></div></div></div></section><section class="footer"><div id="subscribe" class="footer-subscribe-wrapper"><div class="footer-subscribe-container"><div class="footer-subscribe-embed-box w-embed w-script"><script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script> <script> hbspt.forms.create({ region: "na1", portalId: "2724979", formId: "a03466a4-e367-45ac-8a9f-8739114a494c" }); </script> <div style="max-width: 350px; margin-left: 0; margin-right: auto; padding-top: 5px;"><a href="https://www.nozominetworks.com/legal/privacy-policy" target="_blank" style="font-size: 10px; line-height: 18px; color: #F5F5F7; font-family: Montserrat;">View our Privacy Policy</a></div></div></div></div><div class="footer-top-navigation-bar"><div class="footer-container footer-link-bar-container w-container"><div class="footer-top-navigation-bar-wrapper"><div class="footer-navigation-logo-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0bbe5862d58545496b67_nozomi-blue-icon.svg" loading="lazy" alt="" class="image"/></div><a data-w-id="63fd2949-137e-d5f8-88d1-14e184102f83" href="#" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">Subscribe</h2></a><a href="https://www.linkedin.com/company/nozomi-networks-sa" target="_blank" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">LinkedIn</h2></a><a href="/demo" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">Demo</h2></a></div></div></div><div class="footer-navigation-link-field-wrapper"><div class="footer-container w-container"><div class="w-layout-grid footer-link-field-grid"><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102f8f-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">PLATFORM</h3><a href="/products" class="footer-link">Platform Overview</a><a href="/products/vantage" class="footer-link">Vantage</a><a href="/products/central-management-console" class="footer-link">Central Management Console</a><a href="/products/guardian" class="footer-link">Guardian</a><a href="/products/guardian-air" class="footer-link">Guardian Air</a><a href="/products/arc" class="footer-link">Arc</a><a href="/products/asset-intelligence" class="footer-link">Asset Intelligence</a><a href="/products/threat-intelligence" class="footer-link">Threat Intelligence</a><a href="/products/smart-polling" class="footer-link">Smart Polling</a><a href="https://security.nozominetworks.com/" target="_blank" class="footer-link">PSIRT</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fa0-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Professional Services</h3><a href="/professional-services" class="footer-link">Overview</a><a href="/professional-services/solution-design" class="footer-link">Design</a><a href="/professional-services/solution-deployment" class="footer-link">Deployment</a><a href="/professional-services/fast-track-service-packages" class="footer-link">Fast Track</a><a href="/professional-services/solution-optimization" class="footer-link">Optimization</a><a href="/professional-services/project-management" class="footer-link">Project Management</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fad-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Business needs</h3><a href="/solutions/threat-detection-and-response" class="footer-link">Threat Detection & Response</a><a href="/solutions/iot-ot-network-monitoring" class="footer-link">Continuous Network Monitoring</a><a href="/solutions/iot-ot-asset-inventory-management" class="footer-link">Asset Inventory Management</a><a href="/solutions/iot-ot-vulnerability-management" class="footer-link">Risk & Vulnerability Management</a><a href="/solutions/iot-security" class="footer-link">IoT Security</a><a href="/solutions/data-center-cybersecurity" class="footer-link">Data Center Cybersecurity</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fbc-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Compliance</h3><a href="/compliance/nerc-cip" class="footer-link">NERC CIP</a><a href="/compliance/nis2-directive-compliance" class="footer-link">NIS2 Directive</a><a href="/compliance/tsa-security-directives" class="footer-link">TSA Security Directives</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fc9-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Industry</h3><a href="/industries/airport-cybersecurity" class="footer-link">Airports</a><a href="/industries/electric-utilities-cybersecurity" class="footer-link">Electric Utilities</a><a href="/industries/healthcare-cybersecurity" class="footer-link">Healthcare</a><a href="/industries/federal-government" class="footer-link">Federal Government</a><a href="/industries/manufacturing-cybersecurity" class="footer-link">Manufacturing</a><a href="/industries/maritime-cybersecurity" class="footer-link">Maritime</a><a href="/industries/mining-cybersecurity" class="footer-link">Mining</a><a href="/industries/oil-gas-cybersecurity" class="footer-link">Oil & Gas</a><a href="/industries/pharmaceutical-cybersecurity" class="footer-link">Pharmaceutical</a><a href="/industries/rail-cybersecurity" class="footer-link">Rail</a><a href="/industries/retail-cybersecurity" class="footer-link">Retail</a><a href="/industries/smart-cities-cybersecurity" class="footer-link">Smart Cities</a><a href="/industries/water-wastewater-cybersecurity" class="footer-link">Water & Wastewater</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fe4-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Learn</h3><a href="/partners" class="footer-link">Partners</a><a href="/resources" class="footer-link">Resources</a><a href="/company" class="footer-link">Company</a><a href="/company/contact-us" class="footer-link">Contact Us</a><a href="/academy" class="footer-link">Academy</a><a href="/company/careers" class="footer-link">Careers</a><a href="/labs" class="footer-link">Labs</a><a href="https://www.nozominetworks.com/legal/privacy-policy" class="footer-link">Legal</a><div class="footer-social-icon-wrapper"><a href="https://twitter.com/nozominetworks" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64e91608e818b441814b52e8_twitter_footer_22x18.svg" loading="lazy" width="42" height="100" alt="" class="footer-social-icon"/></a><a href="https://www.linkedin.com/company/nozomi-networks-sa" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0f5111954ec5d275cd99_linkedin.svg" loading="lazy" alt="Linkedin logo" class="footer-social-icon"/></a><a href="https://www.youtube.com/@nozominetworks" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0f5133e547a9cb765948_youtube.svg" loading="lazy" alt="" class="footer-social-icon"/></a></div></div></div></div></div><div class="footer-copyright-wrapper"><div class="footer-container w-container"><div class="footer-copyright-text">© 2024 Nozomi Networks Inc. All Rights Reserved. <a href="https://www.nozominetworks.com/legal/privacy-policy" target="_blank" class="footer-copyright-link">Privacy Policy</a> and Certifications. <a href="#" class="footer-copyright-link">System Status</a>.</div></div></div></section><script src="https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=645a4534705010e2cb244f50" type="text/javascript" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script><script src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/js/nozomi-2023.3991b2fee.js" type="text/javascript"></script><link rel="alternate" hreflang="en" href="https://www.nozominetworks.com/blog/importance-of-iot-ot-endpoint-detection-in-security"> <link rel="alternate" hreflang="ja" href="https://ja.nozominetworks.com/blog/importance-of-iot-ot-endpoint-detection-in-security"> <script type="text/javascript" src="https://cdn.weglot.com/weglot.min.js"></script> <script> Weglot.initialize({ api_key: 'wg_f524bcd5524f694e7a49cc49e108186a4' }); </script></body></html>