Why SiESTA?SiESTA (Siemens Extensible Security Testing Application) is a unique security testing solution for OT/IT environments, combining market-leading and in-house tools on a single platform to a comprehensive security testing solution. The user-friendly SiESTA management console enables simple planning and automation of individually compiled test procedures, so you can quickly and regularly determine the safety status of components, solutions or entire production networks. That saves valuable time and significantly increases security.
SiESTA means more than just cybersecurity for your enterprise.
New security vulnerabilities are discovered daily while cyber-criminals develop ways of exploiting them. SiESTA allows you to carry out regular, comprehensive checks of the security status of your products and solutions as well as of your entire IT/OT network environments. You can promptly discover risks and potential hazards, and respond to attacks in a targeted manner.
- SiESTA enables inventory management for entire production systems as well as the visualization of life cycle information.
- SiESTA uses a variety of technologies and methods to provide a large number of different security tests with wide-ranging capabilities for detecting vulnerabilities.
- SiESTA's user-friendly operator interface ensures simple administration and allows the customized compilation and automation of test procedures.
- SiESTA provides clearly structured reporting that summarizes the results of all tests and gives a clear display of the security status of all devices. The result is reliable visualization of vulnerabilities and possible threats.
By intensifying security tests, SiESTA makes a fundamental contribution to the prevention of security risks and their consequences, including physical damage, a tarnished image and financial losses.
During the past decade, the information technology (IT) and operational technology (OT) spaces have been evolving quickly as digital outcomes like predictive analytics and IoT connectivity are integrated into OT systems. Both technology domains have gradually converged within manufacturing floors, office buildings, power plants, and city streets. This phenomenon presents a challenge to chief information security officers (CISOs) who must achieve these new digital outcomes while keeping IT and OT systems cyber secure.
These images are copyright © Frost & Sullivan. All rights reserved.
Slide through our virtual guide to learn more about IT/OT convergence,
common security vulnerabilities and how to avoid them.
You benefit from numerous advantages:
- Many years of experience with security testing in highly sensitive production environments
- In-house, proactive research into cybersecurity trends and incidents
- Exclusive life cycle and vulnerability information for Siemens devices and products
- Demand-oriented security tests for product development
- Low-risk and resource-efficient scanning during ongoing operation without impairing production
- Tight networking with the enterprise's own Siemens ProductCERT and especially its PSIRT Team (Computer Emergency Response Team, Product Security Incident Response Team)
- Siemens is founding member of "Charter of Trust" (world's leading initiative for cybersecurity in industry)
- Collaboration and communication with other recognized institutions in the field of cybersecurity (CIS, NIST, IEC, etc.)
SiESTA combines commercial, OpenSource and in-house tools to form the most complete security testing platform on the market.
A growing number of customers are placing their faith in SiESTA. They appreciate the high level of user convenience and the impressive time-savings.
Experience with high-security environments
SiESTA was developed in critical and sensitive industrial and production environments and has been continuously optimized ever since.
Automation of security tests with SiESTARight from the very beginning, SiESTA was designed focusing on the automation-capability of security testing. The creation of a smart, centralized controlling instance and development of a proprietary evaluation tool (SiESTA Result Checker) helped to lay the foundation for plannable, repeatable and ultimately more intensive security test procedures.
Four steps to greater security:
1. Capturing your network and/or production environment
You identify and make an inventory of the objects to be tested (components, products, systems, networks,…) and enter protection classes and other parameters regarding the initial categorization for the desired scan intensity and scope.
2. Specifying your customized tests
From the diverse range of test functionalities, preconfigured test scenarios and your own test cases, you compile your customized test procedures to determine which objects are to be scanned with which tools.
3. Automated scanning
SiESTA automatically performs the specified security scans at the desired intervals. Integration in development pipelines such as Gitlab or Jenkins is also an option.
4. User-friendly provision of results
Once the test routine has been concluded, you receive an automatically created, clearly structured report containing the results of all the tests performed.
SiESTA combines intensification and simplification, individualization and automation, expansion and savings in security testing.