Silent Defense

With installations worldwide, SilentDefense is the most advanced and mature OT network monitoring and intelligence platform. SilentDefense passively analyses industrial network communications, provides rich information about network assets and alerts in real-time for any threat to operational continuity.

SilentDefense empowers industrial operators with unrivaled visibility, threat detection capability and control of their network. Featuring a user-friendly interface and out of the box detection engines, SilentDefense instantly delivers actionable results.

SilentDefense OT network monitoring

product features

Asset inventory and network map

Asset inventory and network map
  • Obtain full knowledge and awareness of your network through SilentDefense’s automatic asset inventory and device fingerprinting features.
  • Browse through the interactive network map to understand device behavior, threats and vulnerabilities.
  • Filter and export the information for reporting and backup.

Visual network analytics

Visual network analytics
  • Monitor real-time network flows and industrial protocol operations through SilentDefense’s numerous graphs and widgets.
  • Customize and filter your views to analyze device behavior.
  • Investigate historical data to perform visual forensic analysis.

Network and process anomaly detection

Network and protocols whitelists
  • Learn and validate network communication patterns and process operations with the most in-depth analysis of industrial protocols (DPBI™ patented technology).
  • Identify rogue and malfunctioning devices, intrusions and attacks.
  • Detect undesired configuration changes before they can affect the process.

Industry-specific threat libraries

Industry-specific threat detection
  • Benefit from the knowledge and experience gained by SecurityMatters and integrated into SilentDefense’s Industrial Threat Library, to detect a wide variety of industry-specific threats.
  • Extend SilentDefense’s built-in detection capabilities by defining custom checks for your industrial environment.


product deployment and operation
product deployment ill


SilentDefense can be deployed in a matter of hours, producing immediate results. It is connected to the SPAN/mirroring port of network switches or by using network tap technology. Thanks to its fully passive nature, SilentDefense monitors real-time network traffic without any interference or impact on the monitored environment.


SilentDefense can be deployed as a standalone solution, but can also natively interface with third-party systems such as all major SIEM solutions, authentication servers and industrial firewalls. Its scalable architecture allows it to simultaneously monitor multiple network segments and locations, providing industrial operators with central visibility and control.

Available configurations

SilentDefense is available both as a software or appliance-based solution and can be provided in various configurations. Form factors for an appliance-based solution vary from standard server units to ruggedized hardware depending on the monitored environment.

Protocol and vendor support

  • 15+ open OT protocols: IEC 104, DNP3, IEC 61850 (MMS, SV, GOOSE), ICCP TASE.2, IEEE C37.118 (Synchrophasor), Modbus/TCP, EtherNet/IP, OPC-DA, OPC-AE, BACnet, PROFINET (RTC, RTA, DCP and PTCP).
  • Proprietary OT protocols and extensions of ABB, Emerson, Rockwell, Siemens and Yokogawa.
  • 20+ IT protocols, such as SMB/CIFS and DCOM. Support for additional protocols is added on a continuous basis or on customer request.

Integration and support

  • paloalto
  • check point
  • fortinet
  • Radar IBM
  • splunk
  • Arcsight
  • alien vault
  • abb
  • siemens
  • rockwell automation
  • schneider electric
  • honeywell
  • emerson
  • yokogawa