Inspecting devices

Inspect a single PLC

cydeep inspect --target 10.0.1.100 --protocol s7

Supported protocol values

Value	Protocol	Default port
`s7`	Siemens S7comm	102
`cip`	CIP / EtherNet/IP	44818
`modbus`	Modbus TCP	502
`bacnet`	BACnet/IP	47808

Discover devices on a subnet

cydeep discover --targets 10.0.1.0/24

This probes all four protocol ports on each address and reports responding devices with their identity information.

Output

# JSON output
cydeep inspect --target 10.0.1.100 --protocol modbus --format json

Example JSON output:

{
  "target": "10.0.1.100",
  "protocol": "modbus",
  "device_id": "Schneider M340",
  "firmware": "3.20",
  "vendor": "Schneider Electric",
  "purdue_level": 1,
  "cves": [
    {
      "id": "CVE-2021-22779",
      "severity": "critical",
      "description": "Authentication bypass in Modbus communication"
    }
  ]
}

Platform integration

When run through the Cybrium platform, cydeep findings are added to the asset inventory with Purdue level classification and linked to the compliance framework for ICS/SCADA security controls.

Inspect a single PLC​

Supported protocol values​

Discover devices on a subnet​

Output​

Platform integration​

Inspect a single PLC

Supported protocol values

Discover devices on a subnet

Output

Platform integration