On the heels of Nozomi Networks being recognized as a Leader in the first ever Gartner® Magic Quadrant™ for Cyber-Physical Systems (CPS) Protection Platforms, we’re excited to share more good news: Nozomi Networks also ranked among the three top-scoring vendors for all four Use Cases in the companion 2025 Gartner ® Critical Capabilities for CPS Protection Platforms, released on February 18, 2025. That includes top scores for two of the Use Cases that we feel owners of critical infrastructure and industrial control system systems (ICS) need most: (1) Discover and Map CPS Assets (tied with another vendor) and (2) Threat and Vulnerability Management.
What Are Gartner Critical Capabilities Reports?
In recent years, Gartner has begun publishing Critical Capabilities reports as companions to their highly regarded Magic Quadrants. The reports are designed to provide deeper insights into the products and services available from vendors evaluated in a given Magic Quadrant and help understand which products and services area best fit for common usage scenarios.
Gartner defines the CPS protection platforms market as products and services that use knowledge of industrial protocols, operational/production network packets or traffic metadata, and physical process asset behavior to discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT environments. In the Critical Capabilities companion to the Magic Quadrant for CPS Protection Platforms, Gartner analysts evaluated vendor solutions based on four Use Cases common to this market:
- Discover and Map CPS Assets
- Threat and Vulnerability Management
- Prioritize CPS Security Issues and Remediation
- Monitor CPS Security; Align to Enterprise Efforts
Here’s how the Nozomi Networks platform addresses each Use Case.
Critical Capability #1: Discover and Map CPS Assets
Many of our customers first reach out because they're trying to get a better understanding of the OT and IoT devices on their network. The first step is to understand what devices are on the network, how they're communicating and what they're communicating with. That requires automated asset inventory management purpose-built for industrial environments.
Cyber security regulations increasingly mandate proactive management of CPS assets. The Nozomi Networks platform combines passive and active monitoring with project file analysis and other AI and machine learning techniques to automatically create a comprehensive asset inventory of the CPS environment across wired and wireless networks, and across a variety of open and proprietary protocols. This allows rapid and continuous tracking of connected devices, reducing the time and effort required from operations and security teams to achieve compliance with these mandates.
Critical Capability #2: Threat and Vulnerability Management
Along with asset management, nearly every CPS security regulation, best practice, and framework requires some form of vulnerability management and threat detection. The Nozomi Networks platform’s AI-powered asset intelligence correlates asset data from widely recognized sources like CV databases, manufacturer recall notices and third-party vulnerability repositories to accurately identify vulnerabilities across the network including operating systems, applications, hardware and firmware. Because not all vulnerabilities can or perhaps need to be patched, we provide trend analysis with pragmatic recommendations for remediation.
For threat detection, our hybrid anomaly and signature detection strategy combines device and process behavioral analysis with packet malware and IFC signatures to provide comprehensive threat detection. Our research lab curates the latest intelligence on threats and vulnerabilities impacting CPS operators, which is continuously fed into the platform. We’ve also partnered with Mandiant to make the Mandiant threat intelligence feed available on the Nozomi platform. This combined intelligence is distilled onto actionable threat cards with mitigation suggestions to accelerate response.
Critical Capability #3: Prioritize CPS Security Issues and Remediation
Managing and triaging risks is difficult for organizations of any size, but it becomes especially difficult in large CPS environments. The Nozomi Networks platform includes a comprehensive risk scoring engine that provides actionable information on asset criticality, helping you to target the most pressing issues first. The calculation factors in exposure, connections, vulnerabilities and alerts, all of which can be weighted against customizable metrics, such as device criticality. Additionally, an AI-based analysis is completed, which is also accounted for in the risk calculations. The risk score also accounts for compensating controls and other critical nuances of CPS environments. This extends from the individual device all the way up to site, zone and enterprise level, allowing you to consider the business process impact at every level.
The Nozomi Networks dashboard shows your current risk scores by zone, site and other categories you select. If you’re risk is trending in the wrong direction, you can drill down to see why and where you need to add the right controls. Maybe you need to lock down your insecure protocols or beef up your segmentation. Whatever you decide to do, your risk score will reflect the degree of impact your actions have made, using your own risk assumptions. If your risk score started at 70 globally and went down to 52, you now have hard ROI to justify your investment.
Critical Capability #4: Monitor CPS Security; Align to Enterprise Efforts
We understand that CPS protection platforms don't operate in a vacuum. Facilitating better coordination between IT security and CPS operational teams is one of our design principles, which is why we've built a robust technology partner ecosystem to support our customers' broader security technology stack. The Nozomi Advantage APIs have near-feature parity with the console, allowing both partners and customers to leverage bi -directional data and feature integrations. This means more integrations with a larger number of technology partners.
In addition to third-party integrations built with our API, Nozomi supports integrations with leading SIM tools natively or via Nozomi Networks developed third -party plugins for tools like Splunk. We also integrate with ITSM and SOAR platforms such as ServiceNow to provide CMDB asset enrichment, vulnerability management and incident response. We even support reactive containment integrations with platforms like the Fortinet and FortiGate firewalls and Cisco Identity Services Engine, whereby we trigger a firewall or NAC rule change to block a malicious actor when a threat has been detected.
We believe this recognition underlines the strength of our AI-powered CPS protection platform. Developed with over a decade of industry-trusted innovations, Nozomi’s CPS protection platform currently defends over 115,000,000 industrial and IoT assets across more than 12,000 installations around the world. The comprehensive platform delivers:
- Unparalleled asset discovery and inventory across wired, wireless, endpoint and ICS endpoint attack surfaces
- Sophisticated, actionable vulnerability management
- Fast and accurate anomaly and threat detection and management
- Comprehensive view of CPS cyber risk and risk mitigation strategies from the asset to the enterprise
- AI-powered prioritizations and remediation recommendations
Nozomi Networks is Here to Help at Every Stage of Your CPS Security Journey
We believe this Magic Quadrant for buyers of OT/ICS cybersecurity technology comes at a much-needed time, given the perfect storm of increased and more sophisticated cyberattacks on critical infrastructure, a rapidly evolving regulatory landscape, and the continued digital transformation of critical infrastructure. Again, we’re honored to be named a Leader in the Magic Quadrant for CPS Protections Platforms and to rank among the three highest-scoring vendors in the companion Critical Capabilities report for all Use Cases.
Developed with over a decade of industry-trusted innovations, the Nozomi Networks platform currently defends over 115,000,000 industrial and IoT assets across more than 12,000 installations around the world. It delivers operational resilience, risk management and regulatory compliance outcomes to customers across a wide array of OT and IoT verticals and use cases. We help you discover and defend what IT security tools can’t.
If you haven’t already been in touch, contact us today.
Gartner, Magic Quadrant for CPS Protection Platforms, Katell Thielemann, Wam Voster, Ruggero Contu, 12 February 2025
Gartner, Critical Capabilities for CPS Protection Platforms, Katell Thielemann, Wam Voster, Ruggero Contu, 18 February 2025
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT and Peer Insights are a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.
