Deterministic · OT-Native · Fail-Closed

A file that hasn't been inspected hasn't been trusted. It's just been ignored.

A file that hasn't been inspected hasn't been trusted. It's just been ignored.

Media Scan controls every file entering or leaving your OT environment. It does not score threats. It does not flag suspicious behaviour for review. It inspects every file through a fixed, deterministic pipeline and issues a single, enforceable verdict: clean, hold, or blocked. The same file always receives the same outcome. No variability. No bypass.

Media Scan controls every file entering or leaving your OT environment. It does not score threats. It does not flag suspicious behaviour for review. It inspects every file through a fixed, deterministic pipeline and issues a single, enforceable verdict: clean, hold, or blocked. The same file always receives the same outcome. No variability. No bypass.

Request a demo →

Cybersecurity logo

The Problem

Detection is not control.
Most OT environments have one but not the other.

Traditional security tools detect threats. They flag suspicious files, issue warnings, and prompt a review. In an IT environment where misses are recoverable, that is acceptable. In an OT environment where a single infected firmware update can take a production line offline for weeks, it is not. Control requires something detection cannot provide: a deterministic outcome for every file, every time, with no exceptions and no bypass.

Detection tells you what it found. Not what it missed.

A scanning tool that flags 99% of threats still allows 1% through. In an environment with thousands of files moving across the boundary daily, that 1% is a real and recurring exposure. Probabilistic detection is not a policy. It is a best effort.

Removable media is the most common OT attack vector.

USB drives, laptops, external hard drives, every device a technician, contractor, or vendor brings on-site is a potential entry point. Air-gapped OT environments are only air-gapped until someone plugs something in. Inspection at the point of insertion is the only control that holds.

Compliance requires evidence, not effort.

IEC 62443, NIST SP 800-82, NIS2, NCA OTCC, all require demonstrable control over file transfer at OT boundaries. A scanning tool that issues alerts does not satisfy a compliance requirement. A deterministic pipeline with per-file audit logs does.

The Problem

Detection is not control.
Most OT environments have one but not the other.

Traditional security tools detect threats. They flag suspicious files, issue warnings, and prompt a review. In an IT environment where misses are recoverable, that is acceptable. In an OT environment where a single infected firmware update can take a production line offline for weeks, it is not. Control requires something detection cannot provide: a deterministic outcome for every file, every time, with no exceptions and no bypass.

Detection tells you what it found. Not what it missed.

A scanning tool that flags 99% of threats still allows 1% through. In an environment with thousands of files moving across the boundary daily, that 1% is a real and recurring exposure. Probabilistic detection is not a policy. It is a best effort.

Removable media is the most common OT attack vector.

USB drives, laptops, external hard drives, every device a technician, contractor, or vendor brings on-site is a potential entry point. Air-gapped OT environments are only air-gapped until someone plugs something in. Inspection at the point of insertion is the only control that holds.

Compliance requires evidence, not effort.

IEC 62443, NIST SP 800-82, NIS2, NCA OTCC, all require demonstrable control over file transfer at OT boundaries. A scanning tool that issues alerts does not satisfy a compliance requirement. A deterministic pipeline with per-file audit logs does.

Four Form Factors

One inspection pipeline.
Four ways to deploy it.

Every form factor runs the same inspection pipeline, produces the same verdict types, and generates the same audit log. The difference is where and how they sit in your environment.

Four Form Factors

One inspection pipeline.
Four ways to deploy it.

Every form factor runs the same inspection pipeline, produces the same verdict types, and generates the same audit log. The difference is where and how they sit in your environment.

Detection tells you what it found. Not what it missed.

Portable USB

Goes where your technician goes.

A portable USB-based inspection unit carried by field engineers, maintenance teams, and site visitors. Every file on the USB is inspected before it enters the network, at the device, before connection. No infrastructure required. No network dependency. Verdict before contact.

Field maintenance visits

Vendor firmware delivery

Contractor site access

Remote and temporary locations

Media Scan Gate

Kiosk

Holds the line at every entry point.

A fixed inspection kiosk positioned at the physical boundary of the OT environment, plant entrance, control room access point, or engineering bay. Operators and visitors present their media at the kiosk. Nothing enters without a verdict. Enforced workflow, every time.

Control room access control

Engineering bay entry

Plant floor boundary enforcement

High-traffic entry points

Detection tells you what it found. Not what it missed.

Portable USB

Goes where your technician goes.

A portable USB-based inspection unit carried by field engineers, maintenance teams, and site visitors. Every file on the USB is inspected before it enters the network, at the device, before connection. No infrastructure required. No network dependency. Verdict before contact.

Field maintenance visits

Vendor firmware delivery

Contractor site access

Remote and temporary locations

Media Scan Inline

Fully Virtual

Every transfer. Every direction. Always on.

A software-only deployment that inspects every file moving across the IT-OT boundary, in both directions. No physical hardware. No additional workflow steps for operators. Media Scan Inline sits invisibly, enforcing the same inspection pipeline on every file transfer that passes through the network boundary.

IT-OT boundary inline inspection

OT-IT data extraction control

Cloud-connected OT environments

Large-scale multi-site deployment

Detection tells you what it found. Not what it missed.

Portable USB

Goes where your technician goes.

A portable USB-based inspection unit carried by field engineers, maintenance teams, and site visitors. Every file on the USB is inspected before it enters the network, at the device, before connection. No infrastructure required. No network dependency. Verdict before contact.

Field maintenance visits

Vendor firmware delivery

Contractor site access

Remote and temporary locations

Detection tells you what it found. Not what it missed.

Portable USB

Goes where your technician goes.

A portable USB-based inspection unit carried by field engineers, maintenance teams, and site visitors. Every file on the USB is inspected before it enters the network, at the device, before connection. No infrastructure required. No network dependency. Verdict before contact.

Field maintenance visits

Vendor firmware delivery

Contractor site access

Remote and temporary locations

Media Scan Gate

Kiosk

Holds the line at every entry point.

A fixed inspection kiosk positioned at the physical boundary of the OT environment, plant entrance, control room access point, or engineering bay. Operators and visitors present their media at the kiosk. Nothing enters without a verdict. Enforced workflow, every time.

Control room access control

Engineering bay entry

Plant floor boundary enforcement

High-traffic entry points

Media Scan Inline

Fully Virtual

Every transfer. Every direction. Always on.

A software-only deployment that inspects every file moving across the IT-OT boundary, in both directions. No physical hardware. No additional workflow steps for operators. Media Scan Inline sits invisibly, enforcing the same inspection pipeline on every file transfer that passes through the network boundary.

IT-OT boundary inline inspection

OT-IT data extraction control

Cloud-connected OT environments

Large-scale multi-site deployment

Inspection Pipeline

Five stages. One verdict. No exceptions.

Every file, regardless of source, format, or form factor, passes through the same fixed inspection sequence. The pipeline is deterministic: the same inputs always produce the same outputs. There is no shortcut, no trusted source bypass, no exemption list.

1

Static Analysis

Pattern-based inspection of file structure before any execution. Identifies known malware signatures, suspicious encoding, and embedded threats in file headers and metadata.

2

Multi-Engine Scanning

Parallel inspection across 17+ independent scanning engines simultaneously. No single engine is the arbiter. Consensus across multiple detection approaches eliminates single points of failure.

3

Content Disarm and Reconstruction (CDR)

Files are not just scanned, they are rebuilt. Active content, macros, embedded objects, and exploit vectors are removed. The output is a safe, functional file that carries no threat payload. Original threat is destroyed, not quarantined.

4

Reputation Validation

Hash validation against global threat intelligence databases, OT-specific malware repositories, and industrial control system attack pattern libraries. Every file checked against what is already known.

5

Deterministic Verdict

One outcome. Clean. Hold. Blocked. No probabilistic scoring. No ambiguity. The same file always receives the same verdict. Every outcome is logged, traceable, and auditable.

CLEAN

HOLD

BLOCKED

5

Deterministic Verdict

One outcome. Clean. Hold. Blocked. No probabilistic scoring. No ambiguity. The same file always receives the same verdict. Every outcome is logged, traceable, and auditable.

CLEAN

HOLD

BLOCKED

Media Scan
OThello-Media-Scan

Fail-closed by design.

If Media Scan cannot reach a verdict, connectivity issue, unrecognised format, inspection engine error, the file is held, not passed. The default is control, not convenience. A file that cannot be inspected does not enter your environment.

Full audit trail, every file.

Every file generates a timestamped audit record: source, format, inspection stages completed, verdict issued, disposition applied. The log is complete, immutable, and exportable. Compliance evidence is produced automatically, not assembled after the fact.

Why Media Scan

Control is not detection with a stricter threshold.

The difference between Media Scan and traditional AV or scanning tools is not sensitivity, it is architecture. Media Scan was built to enforce a policy, not to detect a threat.

Why Media Scan

Control is not detection with a stricter threshold.

The difference between Media Scan and traditional AV or scanning tools is not sensitivity, it is architecture. Media Scan was built to enforce a policy, not to detect a threat.

Media Scan

Traditional AV / Scanning Tools

Verdict type

Deterministic, same file always same outcome

Probabilistic, score-based, variable by engine version

Fail mode

Fail-closed, unknown files are held

Fail-open, unknowns often pass

Content handling

CDR rebuilds files, active content destroyed

Files scanned in place, threats may remain embedded

OT protocol support

Native OT file format support (.bin, .s7p, .acd, .dat, and more)

IT-focused formats, OT support varies

Audit trail

Full per-file audit log with timestamps

Partial, event-level logging only

Deployment

Air-gap, on-premise, inline virtual, all supported

Cloud or on-premise, air-gap typically unsupported

Workflow enforcement

Enforced, files cannot bypass inspection

Advisory inspection is recommended, not enforced

Technical Specifications

Built for industrial environments. Not adapted to them.

Technical Specifications

Built for industrial environments. Not adapted to them.

File format support

500+

Including native OT formats: .bin, .s7p, .acd, .rsp, .prj, .dat, .cfg, .xml, and engineering file types from Siemens, Rockwell, Schneider, ABB, and others. IT formats fully covered.

Throughput

10,000+ files/day

Sub-5-second average inspection time. Pipeline is parallelised across all 17+ engines simultaneously, not sequential. High-volume operational environments supported without workflow bottleneck.

Deployment models

4 options

On-premise. Air-gapped. IT-OT boundary inline (Media Scan Inline). All four form factors (Field, Gate, Desk, Inline) supported. Mixed deployments are standard.

Integration

Full API

Active Directory, SIEM integration, ITSM workflow integration, SFTP/MFT for secure file transfer. Full API for custom integration. Audit logs exportable in standard formats.

Compliance

IEC 62443+

Designed against IEC 62443, NIST SP 800-82, ISO 27001, and NIS2. Per-file audit logs satisfy compliance evidence requirements.

Availability

99.9%+

Fail-closed architecture means failure mode is hold, not pass. No dependency on external connectivity for core inspection functions. Air-gapped deployments operate fully offline.

Control what enters your environment. And what leaves it.

Control what enters your environment. And what leaves it.

Control what enters your environment. And what leaves it.

Deterministic inspection. Four form factors. One pipeline.

Deterministic inspection. Four form factors. One pipeline.

Deterministic inspection. Four form factors. One pipeline.

Request a demo

Request a demo

OThello

Assess

Pentest Studio

Threat Intelligence

Try your first assessment

OThello

Assess

Pentest Studio

Threat Intelligence

Try your first assessment

The Problem

Detection is not control.
Most OT environments have one but not the other.

Traditional security tools detect threats. They flag suspicious files, issue warnings, and prompt a review. In an IT environment where misses are recoverable, that is acceptable. In an OT environment where a single infected firmware update can take a production line offline for weeks, it is not. Control requires something detection cannot provide: a deterministic outcome for every file, every time, with no exceptions and no bypass.

The Problem

Detection is not control.
Most OT environments have one but not the other.

Traditional security tools detect threats. They flag suspicious files, issue warnings, and prompt a review. In an IT environment where misses are recoverable, that is acceptable. In an OT environment where a single infected firmware update can take a production line offline for weeks, it is not. Control requires something detection cannot provide: a deterministic outcome for every file, every time, with no exceptions and no bypass.

Detection tells you what it found. Not what it missed.

A scanning tool that flags 99% of threats still allows 1% through. In an environment with thousands of files moving across the boundary daily, that 1% is a real and recurring exposure. Probabilistic detection is not a policy. It is a best effort.

Removable media is the most common OT attack vector.

USB drives, laptops, external hard drives, every device a technician, contractor, or vendor brings on-site is a potential entry point. Air-gapped OT environments are only air-gapped until someone plugs something in. Inspection at the point of insertion is the only control that holds.

Compliance requires evidence, not effort.

IEC 62443, NIST SP 800-82, NIS2, NCA OTCC, all require demonstrable control over file transfer at OT boundaries. A scanning tool that issues alerts does not satisfy a compliance requirement. A deterministic pipeline with per-file audit logs does.

Technical Specifications

Built for industrial environments. Not adapted to them.

File format support

500+

Including native OT formats: .bin, .s7p, .acd, .rsp, .prj, .dat, .cfg, .xml, and engineering file types from Siemens, Rockwell, Schneider, ABB, and others. IT formats fully covered.

Throughput

10,000+ files/day

Sub-5-second average inspection time. Pipeline is parallelised across all 17+ engines simultaneously, not sequential. High-volume operational environments supported without workflow bottleneck.

Deployment models

4 options

On-premise. Air-gapped. IT-OT boundary inline (Media Scan Inline). All four form factors (Field, Gate, Desk, Inline) supported. Mixed deployments are standard.

Integration

Full API

Active Directory, SIEM integration, ITSM workflow integration, SFTP/MFT for secure file transfer. Full API for custom integration. Audit logs exportable in standard formats.

Compliance

IEC 62443+

Designed against IEC 62443, NIST SP 800-82, ISO 27001, and NIS2. Per-file audit logs satisfy compliance evidence requirements.

Availability

99.9%+

Fail-closed architecture means failure mode is hold, not pass. No dependency on external connectivity for core inspection functions. Air-gapped deployments operate fully offline.