Published 04 Nov 2024

Nozomi Networks Expands OT Security with ARC Embedded Sensors

Nozomi Networks has announced its latest innovation: ARC Embedded – the first security sensor embedded directly within Mitsubishi Electric PLCs. This new capability allows real-time monitoring and protection at the PLC level, providing additional visibility into operational technology (OT) environments.

Why it matters

Solving Encryption Challenges. Traditional IDS systems are limited by encryption, making it almost impossible to monitor network traffic effectively. ARC Embedded circumvents this by collecting data directly within devices, allowing it to gather critical data without being hindered by encryption.

Announcement Details

  • East-West Traffic Monitoring: The ARC Embedded solution monitors lateral network traffic within OT environments, providing critical insights into communication patterns, configuration changes, and device health.
  • AI-Driven Protection: Leveraging AI, ARC Embedded enhances the detection of known and unknown vulnerabilities, continuously monitoring for signs of malicious activity at the PLC level.

The Big Picture – A shift to Embedded Security.  

This marks a broader industry trend towards embedding security directly into operational devices, rather than relying on network-based monitoring alone. As OT environments become more interconnected, this shift will be crucial for maintaining security and operational integrity.

This could push other vendors to adopt similar embedded security strategies.

Bridging IDS and EDR: Nozomi is effectively bridging the gap between traditional IDS systems and Endpoint Detection and Response (EDR) solutions by integrating device-level monitoring, expanding its capabilities across both categories.

Competing with EDR Vendors.  By embedding security within PLCs, Nozomi is positioning itself to compete more directly with EDR vendors, offering a comprehensive solution that integrates both network and device-level security.

What does this mean for Process-Oriented OT Cybersecurity?

While ARC Embedded monitors processes at the PLC level (Level 1), it does not provide direct Level 0 data. True Level 0 data comes directly from the physical processes themselves, which are more difficult for attackers to manipulate. However, ARC Embedded brings security closer to Level 0 by focusing on the devices that control these processes.

 


Copy Copy link X Facebook LinkedIn
Protecting the Process Layer of Critical Infrastructure with an unhackable source of truth
Our blog

Lastest blog posts

Tools and strategies to keep your infrastructure safe.

View all posts

A Process Oriented Upgrade to Obsolete Incident Response Plabyooks

18 June 2026

In Operational Technology (OT) environments, Incident Response (IR) timelines are measured against operational uncertainty. The longer it takes to determine whether cyber...

Data Centers Harden IT. CPS Remains Soft

04 June 2026

Data center infrastructure is built for resilience. Power, cooling, and physical security systems are tightly engineered to keep operations running, even under...

Recent Lesson from Warfare: Process Integrity Part of the Battleground

16 April 2026

As documented in Advisory AA26-097A, kinetic warfare now extends to critical infrastructure. When adversaries can manipulate the very data operators use to...