The latest version of the security solution Nozomi Arc pushes industrial environments from passive detection into active threat prevention for OT endpoints. It introduces three modes—Detection (monitor only), Quarantine (block and preserve malicious files), and Delete (remove malicious files immediately)—giving organizations flexibility based on operational risk and uptime sensitivity. The engine is powered by threat-intelligence feeds in YARA, STIX, and SIGMA formats, integrated with the broader OT/IoT platform to unify endpoint and network security in one view.

By extending sensor capabilities to Windows, Mac, and Linux hosts within operational systems, the solution addresses critical pivot-points such as operator workstations, HMIs and other assets often targeted in attacks. The improved visibility and response reduce mean time to detection and containment, while integration with industrial workflows helps preserve uptime and aligns with frameworks such as ISA/IEC 62443 in OT environments.

‍

Source: https://industrialcyber.co/news/new-nozomi-arc-release-strengthens-ot-endpoint-security-while-preserving-uptime/