SiESTA

Intensify security testing

Why SiESTA?

SiESTA (Siemens Extensible Security Testing Application) is a unique security testing solution for OT/IT environments, combining market-leading and in-house tools on a single platform to a comprehensive security testing solution. The user-friendly SiESTA management console enables simple planning and automation of individually compiled test procedures, so you can quickly and regularly determine the safety status of components, solutions or entire production networks. That saves valuable time and significantly increases security.
SiESTA - an overview: Unique scope of services, convience and time savings, process and result security

SiESTA means more than just cybersecurity for your enterprise.

New security vulnerabilities are discovered daily while cyber-criminals develop ways of exploiting them. SiESTA allows you to carry out regular, comprehensive checks of the security status of your products and solutions as well as of your entire IT/OT network environments. You can promptly discover risks and potential hazards, and respond to attacks in a targeted manner.

  • SiESTA enables inventory management for entire production systems as well as the visualization of life cycle information.
  • SiESTA uses a variety of technologies and methods to provide a large number of different security tests with wide-ranging capabilities for detecting vulnerabilities.
  • SiESTA's user-friendly operator interface ensures simple administration and allows the customized compilation and automation of test procedures.
  • SiESTA provides clearly structured reporting that summarizes the results of all tests and gives a clear display of the security status of all devices. The result is reliable visualization of vulnerabilities and possible threats.

By intensifying security tests, SiESTA makes a fundamental contribution to the prevention of security risks and their consequences, including physical damage, a tarnished image and financial losses.

Virtual Guide

Guarding the Gates to a Converging World

During the past decade, the information technology (IT) and operational technology (OT) spaces have been evolving quickly as digital outcomes like predictive analytics and IoT connectivity are integrated into OT systems. Both technology domains have gradually converged within manufacturing floors, office buildings, power plants, and city streets. This phenomenon presents a challenge to chief information security officers (CISOs) who must achieve these new digital outcomes while keeping IT and OT systems cyber secure.

These images are copyright © Frost & Sullivan. All rights reserved. 

Slide through our virtual guide to learn more about IT/OT convergence,

common security vulnerabilities and how to avoid them.

If you want to get an information edge to secure your OT/IT systems, read our whitepaper on Operational Security (OPSEC) – The 360° approach to fortifying the people, processes, and technologies that empower true information resilience.

 

Receive the full white paper

In a nutshell

SiESTA at a glance

SiESTA is not only a security tool but also an entire framework for security tests. Just imagine it as a integrated automatic toolbox using the concentrated power of leading security testing tools.

You benefit from numerous advantages:

  • Many years of experience with security testing in highly sensitive production environments 
  • In-house, proactive research into cybersecurity trends and incidents
  • Exclusive life cycle and vulnerability information for Siemens devices and products
  • Demand-oriented security tests for product development
  • Low-risk and resource-efficient scanning during ongoing operation without impairing production
  • Tight networking with the enterprise's own Siemens ProductCERT and especially its PSIRT Team (Computer Emergency Response Team, Product Security Incident Response Team)
  • Siemens is founding member of "Charter of Trust" (world's leading initiative for cybersecurity in industry)
  • Collaboration and communication with other recognized institutions in the field of cybersecurity (CIS, NIST, IEC, etc.)
Benefits

Why SiESTA is the right choice

SiESTA provides the most comprehensive range of automation-capable security tests and allows you to intensify security scans while also saving time.

Select a personal toolset

Compile your tests from the large number of testing tools available on your SiESTA platform.

Create customized test procedures

Create your own test procedures using the extensive portfolio of preconfigured test modules.

Add your own tests

You can easily create your own security tests to even cover very specific applications with SiESTA.

Numerous advantages for many applications and users

Ease of use

A user-friendly platform facilitates planning, execution and result evaluation for valuable IT specialists (administrators, developers, etc.).

Ready for DevOp

Agile teams from IT, development and operations (DevSecOps) use the modular and, at the same time, integrative approach of the SiESTA platform.

Proven in the field 

Testing centers in particular benefit from the holistic nature of the SiESTA platform with its unique breadth and depth of security testing options.

Benefits for all

SiESTA is suitable for security testing for components, products and solutions, e.g. in development fields, as well as in operational production systems and other critical OT/IT networks.

1

Test cases

SiESTA combines commercial, OpenSource and in-house tools to form the most complete security testing platform on the market.

1

Satisfied Users

A growing number of customers are placing their faith in SiESTA. They appreciate the high level of user convenience and the impressive time-savings.

1 years

Experience with high-security environments

SiESTA was developed in critical and sensitive industrial and production environments and has been continuously optimized ever since.

Deep dive

Automation of security tests with SiESTA

Right from the very beginning, SiESTA was designed focusing on the automation-capability of security testing. The creation of a smart, centralized controlling instance and development of a proprietary evaluation tool (SiESTA Result Checker) helped to lay the foundation for plannable, repeatable and ultimately more intensive security test procedures.

Four steps to greater security:

1. Capturing your network and/or production environment

You identify and make an inventory of the objects to be tested (components, products, systems, networks,…) and enter protection classes and other parameters regarding the initial categorization for the desired scan intensity and scope.

 

2. Specifying your customized tests

From the diverse range of test functionalities, preconfigured test scenarios and your own test cases, you compile your customized test procedures to determine which objects are to be scanned with which tools.

 

3. Automated scanning

SiESTA automatically performs the specified security scans at the desired intervals. Integration in development pipelines such as Gitlab or Jenkins is also an option.

 

4. User-friendly provision of results

Once the test routine has been concluded, you receive an automatically created, clearly structured report containing the results of all the tests performed.

SiESTA combines intensification and simplification, individualization and automation, expansion and savings in security testing.

Related Content

Cybersecurity at Siemens

Cybersecurity at Siemens

Protect what you value – with our holistic approach and leading technology expertise.

Siemens ProductCERT and Siemens CERT

Siemens ProductCERT and Siemens CERT

The central expert teams for immediate response to security threats and issues affecting Siemens products, solutions, services, or infrastructure.

Vilocify

Vilocify

Vilocify empowers you to secure your infrastructure and product portfolio by providing relevant, actionable vulnerability intelligence.