Operational Playbooks
Operational Playbooks are guides designed to help you achieve specific security outcomes by using actionable workflows. Irrespective of your role in the OT organization, these playbooks provide standardized procedures to secure your Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) environments.
These playbooks use the multi-engine detection capabilities of OT Security, including asset inventory, vulnerability management, and threat detection, to help you maintain a resilient posture.
Each workflow includes the following:
- An objective or a specific goal you are trying to achieve.
- The step-by-step paths within the OT Security interface.
- The measurable result after executing the workflow.
Prerequisites
Before executing these playbooks, ensure your network has the following:
- Asset Discovery: Make sure OT Security monitors at least one network segment using passive discovery or active querying to populate the inventory.
- User Permissions: Make sure that you have the necessary user roles to view dashboards and initiate scans.
Operational Workflows
To get started, see these workflows:
- Prioritize and Mitigate Vulnerabilities — Prioritize remediation based on actual threat levels (VPR) rather than just CVSS scores.
- Investigate and Respond to Network Threats — Detect and investigate anomalies, malware, or unauthorized network scans.