Get The FREE CMMC Starter Kit
& Automate Foundational CMMC Requirements in Just 5 Minutes
How it Works
Request a Free CMMC Starter Kit for 1 Subnet
Plug-n-Play in 5 Minutes
- No Sensitive Data/Packet Collection
- Safe & Secure Behavior on the Network
Meet these CMMC requirements And Get Weekly Reports
CM.2.061: Inventory All Devices
- Identify Your Devices by Category and Type including unmanaged, IoT & OT devices
RM.2.142: Detect Vulnerabilities
- Real-Time Vulnerability Detect ion
- Designed to be Safe, even on IoT/OT Devices
Request your IoT-mini
Why the IoT-Mini?
The IoT-miniTM will only use locally accessible network information protocols to obtain information about local devices to be profiled. As such, no data could be used to identify or attack any customer. The data would be useless without direct access to the network, and direct access to the network would allow access to this information anyway.
The IoT-miniTM will connect to our CloudPortal® a minimum of every 5 minutes to access the updates and databases that help determine what tests to perform for a given device. There is no collection of packets or any potentially sensitive data in any way, not directly to the appliance itself or out to our CloudPortal®. Any data that is retained is stored in the geographic region of the customer’s choosing.
The IoT-miniTM will attempt to communicate with devices to assist in device profiling and vulnerability detection. This communication is minimal, a small fraction of the traffic in comparison to network scanners, and done interatively to avoid any impact to the device or network.
These measures provide assurance to our customers and partners that we will not gather or maintain any of their sensitive or protected information in our systems and that we be safe on the network and to devices.
Safe on Devices: The IoT-miniTM uses a proprietary, non-intrusive technique called PortSafeTM Inspection. Unlike vulnerability scanners that can overwhelm and crash sensitive IoT devices, PortSafeTM works iteratively and intelligently to understand the device and how to best test it. The result is that it will not interfere with devices as it does its discovery, identification, and vulnerability detection.
Safe on the Network: Unlike competitive solutions, the IoT-miniTM does not use network TAP/SPAN ports, so there is no addition load on the switch to duplicate packets which can cause network performance issues. Also, the IoT-miniTM generates only a small fraction of traffic vs. network scans.
The Benefit: Now you can safely and confidently discover and vulnerability test sensitive and resource-constrained devices that are excluded from intrusive vulnerability scans, without concern of crashing devices or causing network performance issues.
The IoTSecure IoT-miniTM is a free IoT security tool that makes it fast and easy to address common IoT security challenges. The IoT-mini is fits in the palm of your hand and runs off USB power connected to any ethernet jack on the network.The IoT-miniTM is completely automated. When you get your IoT-mini and connect it to the network, it will:
– Discover, track and identify IoT devices
– Safely detect IoT-specific vulnerabilities that vulnerability scanners often miss
– Summarize IoT inventory and vulnerabilities in the report
The IoT-miniTM is also aware of any new devices that connect to the network. When new devices connect, the IoT-miniTM will also begin to profile them to be identified and checked for IoT vulnerabilities. Also, there are no agents to install, no network TAPs, and there is no tuning.
The IoT-miniTM will only use locally accessible network information protocols to obtain information about local devices to be profiled. As such, no data could be used to identify or attack any customer. The data would be useless without direct access to the network, and direct access to the network would allow access to this information anyway.
The IoT-miniTM will connect to our CloudPortal® a minimum of every 5 minutes to access the updates and databases that help determine what tests to perform for a given device. There is no collection of packets or any potentially sensitive data in any way, not directly to the appliance itself or out to our CloudPortal®. Any data that is retained is stored in the geographic region of the customer’s choosing.
The IoT-miniTM will attempt to communicate with devices to assist in device profiling and vulnerability detection. This communication is minimal, a small fraction of the traffic in comparison to network scanners, and done interatively to avoid any impact to the device or network.
These measures provide assurance to our customers and partners that we will not gather or maintain any of their sensitive or protected information in our systems and that we be safe on the network and to devices.
Automate More CMMC Requirements for Your Entire Network
Prices Start at Just $3K/Yr.
SI.2.216:
Security Monitoring
Agentless, Automated Behavior Monitoring
That requires No Tuning
CA.2.159:
Reduce or Eliminate Vulnerabilities
Automated Security Policy to Mitigate Threats
What Customers Say
Automate Inventory on All Devices
Unlike my scanner, IoTSecure tells me what types of devices are on my network, continuously. It’s a huge time saver on CMMC compliance, especially on unmanaged devices.
IT Director
Electronics Manufacturer
Safe, Real-time Vulnerability Detection
OT devices are too sensitive for intrusive vulnerability scans, so we needed a way to safely detect vulnerabilities for compliance. IoTSecure has proven to be safe and it’s 100% automated.
Security Lead
Large MSSP
Automate Monitoring without Tuning
Monitoring unmanaged devices that don’t run agents required too much work to effectively scale. IoTSecure completely automated the process. It was set it & forget it.
IT Manager
DoD Manufacturing Co.
Read How a Manufacturer Jumpstarted CMMC Compliance
CASE STUDY
FEDERAL GOVERNMENT SYSTEMS PROVIDER – VISIBILITY, SECURITY AND RESOURCES
IoTSecure solution profiled all the devices on the network to give the I.T. director full visibility into what was on the network, identifying devices by device type so he could make decision about what to remove from the network, as well as what stayed and to which VLAN segment it should be assigned. After that, IoTSecure continuously and safely checked devices for vulnerabilities and automatically monitored devices for anomalous and malicious communications without any tuning required.
How Can We Help
01
JumpStart Compliance FREE, in Just 5 Minutes
- Automated Inventory
- Safe Threat Detection
03
See it in Action!
- 1:1 Live Demo
- Real-Time Report
More FAQs
The Internet of Things (IoT) is a general category of connected devices that do not necessarily meet the classic description of a computer and are commonly designed for a single purpose. Examples of IoT devices include medical devices, HVAC controllers, door access controllers, IP Cameras, Smart TVs, smart watches, and speakers.
Virtually every network, whether a large corporate intranet or a simple home Wi-Fi network, has IoT devices on it. Most are unknown or unmanaged devices and hard to secure, making it challenging to know what IoT is on the network, where they are, where they are communicating, and whether they are vulnerable. Traditional security tools can’t keep up, making dedicated IoT security solutions a critical piece of any enterprise security strategy.
According to the Department of Defense CIO, “the interim DFARS rule established a five-year phase-in period, during which CMMC compliance is only required in select pilot contracts, as approved by the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)).”
Once CMMC 2.0 is codified through rulemaking, the Department will require companies to adhere to CMMC, and inclusion of CMMC as a requirement in DoD solicitations and requests for proposals will be mandated.
The interim rule became effective in 2020, establishing a five-year phase-in period, which means that CMMC could come into effect by 2025, which is only two years away.
In anticipation of the deadline for CMMC compliance, your company should ensure that all of your assets in your network, including your IoT assets, do not cause you to potentially compromise your company’s position to adhere to the compliance controls of CMMC, the consequences of which could be a significant loss of revenue from the Department of Defense.
If contractors and subcontractors are handling the same type of FCI (federal contract information) and CUI (controlled unclassified information), then the same CMMC level would apply.
Sign up for a free IoT Mini Starter Kit and meet the foundational CMMC requirements in just 5 minutes.
Most IoT devices are unknown or unmanaged devices that are hard to security for a variety of reasons, including:
- risky default behavior like creating open services, have hard-coded passwords or data collection and transmission on their own to other devices
- lack built-in security and security patching from the manufacturer
- can’t run endpoint agents or don’t produce logs, so they are hard to monitor
- can’t be scanned for vulnerabilities because they are resource constrained and easily crash
- create Shadow IT problems as they are easily deployed without IT oversight
We have a limited supply of IoT-minisTM available. When you request an IoT-miniTM, we will notify you within 48 hours if we have one available. Once approved, you can expect a simple package with all you need to begin base lining your IoT inventory and security posture. The package includes the IoT-mini, a USB-USB-mini, CAT6 Ethernet cable, and a power brick for the USB cable if there is no USB port to power the device.
Using the IoT-miniTM is as simple as 1-2-3:
- Plug in the CAT6 Ethernet cable to a working ethernet port on the network to be scanned
- Plug in the power supply
- Scan the QR code to activate the IoT-miniTM
- Wait 24 hours for the report to be delivered to your inbox
The report includes a complete view of IoT devices connected to your network, along with recommendations. To continue receiving monthly update reports, simply leave the IoT-mini connected to the network. If you would like to assess a different network, simply connect and reactivate the IoT-mini to the new network following the above steps.
We have a limited supply of IoT-minisTM and they are currently available at no charge. The initial report is currently available free of charge. Restrictions include:
1) You must be an IT employee of a company that: a) has greater than 200 employees, or b) is a value-added reseller, or c) is a managed service provider or d) is a professional security auditor.
2) You will not use the IoT-miniTM or the information it provides for malicious purposes, or to compete in any way with IoTSecure.
3) The IoT-miniTM and any information produced by the IoT-mini must not be used for resell purposes without express, written permission by IoTSecure.
4) The IoT-miniTM is for use on corporate networks, but an initial test may be conducted on a test/lab network. Restrictions are subject to change without notice.
The IoT-miniTM can assess any network environment it’s connected to and activated on. If you need to test additional networks, please contact sales@localhost.
The IoT-miniTM profiles devices into manufacturers, categories and device type. Then, it creates a risk profile for each device, including vulnerabilities, flaws, risks, and other crucial information.
Once the IoT-mini is connected to a network and activated, it begins inspecting and identifying devices. Within 24-48 hours (depending on the size of the network), you will be contacted to schedule a report review with an engineer.
The IoT-miniTM FREE is a free IoT security tool that is designed for fast, easy proof of concepts and provides basic IoT inventory and IoT vulnerability detection on a single network segment.
The IoT-miniTM Pro+ uses the same device as the IoT-miniTM FREE, but it is upgraded to provide automated assessments on an entire corporate network, advanced IoT inventory and vulnerability detection, device-level behavior monitoring, granular configuration options and a real-time dashboard.
The IoT-maxTM is a high capacity, full enterprise-level solution that has all the features as the IoT-miniTM Pro +, but it also provides integration of results into existing tools such as SIEM, NAC, Asset & Vulnerability Management, ITSM, etc.
Please send us an email with your questions to sales@localhost
Request a CMMC Starter Kit *
- For corporate networks only.
- For registered companies with 100+ employees or that provide professional IT services.
- Upon form submission, follow the prompts to schedule a 10-minute call to cover device set up and your shipping information.