Ordr Announces Integration with ServiceNow Vulnerability Response Read more here!

A special blog for October Cybersecurity Awareness Month

In an era where data security is paramount, we at Ordr, specializing in comprehensive security solutions for connected devices, prioritize safeguarding customer information as a core mission. One pivotal step Ordr has taken in securing data is earning SOC 2 compliance with a specific focus on Organizational Governance and Structure. I want to use this blog to delve into what our SOC 2 implementation journey means, how we steadfastly uphold our commitment to data security, and the significant benefits this provides to both our internal operations and customers.

Why is SOC2 Critical?

Service Organization Control 2, or SOC 2, is a widely recognized framework designed to assess and report on customer data’s security, availability, processing integrity, confidentiality, and privacy. It is a rigorous set of standards that validate an organization’s dedication to safeguarding sensitive information. By going through the process, SOC 2 certification validates:

  • Ordr’s ability to connect people, process, and technology to provide the services continuously.
  • Ordr’s ability to provide response during a critical security event.
  • Ordr’s ability to provide services in case of failure to the hosted data center with no impact to customers.

Those validations are important to us and for those organizations that put their trust in us. Ordr allows its customers to gain visibility into their complete attack surface. We do this by collecting a wealth of information from the infrastructures where Ordr is deployed. That data is critical for closing visibility gaps and understanding the context of data flows and device operations that allow us to deliver the highest level of security possible. Ordr takes pride in providing these services and makes data security a paramount requirement. We at believe these are core components to any SaaS solution and should be tested once a year to make sure all the above-mentioned factors are in sync.

[SOC 2] validations are important to us and for those organizations that put their trust in us.

Our SOC2 Journey 

Our SOC 2 compliance journey has been ongoing for the last several years, and each year the scope has expanded. Our commitment is not limited to specific aspects of our operations; it encompasses the entire development process, our entire employee population from onboarding to continuous training, and our customer onboarding and training processes. This comprehensive approach demonstrates our unwavering dedication to protecting our customers’ sensitive information.

  • Change Management: Our meticulous change management processes translate to a reduced risk of service disruptions, ensuring the uninterrupted operation of critical services for our customers.
  • Risk Management: By systematically identifying and mitigating potential security threats and vulnerabilities using a risk registry, we enhance the safety of our customer’s data and services.
  • Vendor Management: Customers benefit from our rigorous vendor management practices, which assure them of the security standards upheld by third-party vendors, going above and beyond merely reviewing vendor certifications like SOC 2.
  • User Access Management: Enhanced user access controls mean customer data remains accessible only to authorized personnel, minimizing the risk of unauthorized access.
  • Data Storage: Secure data storage practices give our customers confidence in protecting their sensitive information, safeguarding it from breaches and unauthorized access.
  • Hiring, Onboarding, and Employee Training: Customers benefit from a workforce that is not only vetted but also continuously trained to uphold the highest standards of security, thus reducing the risk of insider threats.
  • Incident Management: Well-documented and tested incident response plans mean that potential security incidents are swiftly and effectively handled, minimizing the impact on customer operations.
  • Logical Access: Enhanced logical access controls reduce the risk of data breaches or unauthorized access to customer systems and data.
  • Endpoint Security: The bolstered endpoint security ensures that our devices and endpoints are safeguarded against malware, viruses, and other security threats, reducing the risk of service disruptions or data compromise.
  • Data Resiliency: This allows Ordr’s service to run from another data center in case of failure to the primary data center and it means we are able to maintain SLA commitments provided in customer contracts.

Our commitment to SOC 2 compliance extends to additional rigorous controls. Every code commit undergoes a security review by an expert separate from the developer and code reviewer, ensuring that security considerations are meticulously addressed. We regularly test data resiliency between cloud locations for seamless failover, and we scrutinize every laptop for compliance with policies like firewall, encryption, and the presence of endpoint detection and response (EDR) and mobile device management (MDM) solutions.

When done right, with a diligent auditor that is allowed go through every employee, every customer, every line of code, every vendor, the SOC 2 process is more than worthwhile.

Our auditor, Geels Norton (BTW, highly recommended), is renowned for their diligence in auditing. Instead of reducing scope, we have consistently accepted a broader scope and higher standards by Geels Norton and actively strive to achieve and maintain these elevated security levels.

SOC 2 Does Matter

I am very aware of the ongoing and vigorous debate about the value of earning SOC 2 certification, that it is a waste of time, that organizations are finding ways to water-down the process and that, as a result, the process has become little more than window dressing. We take the opposite view. When done right, with a diligent auditor that is allowed go through every employee, every customer, every line of code, every vendor, the (painful) process is more than worthwhile. It gives an organization the information it needs to beef up controls and quantify its performance. Done right, SOC 2 demonstrates a top-to-bottom commitment to security.

Ordr’s achievement of SOC 2 compliance in Organizational Governance and Structure underscores our enduring commitment to security. We continue to vigilantly monitor our systems and processes, ensuring they comply with SOC 2 standards. Furthermore, we remain steadfast in our commitment to optimizing our security posture, proactively staying ahead of emerging threats, and ensuring that our customers can trust us with the highest level of data protection.


Today’s tech-dependent enterprises are no strangers to change. Our customers’ experiences demonstrate that familiarity daily. Whether they operate in healthcare, financial services, manufacturing, education, or government, they must contend with a constantly evolving infrastructure within their organizations, and constantly evolving threats from the outside. On top of that are the regulations and evolving business standards and practices that influence day-to-day operations.

Embracing digital transformation for all its benefits means buckling in for a bumpy ride—bumpier for some industries than others. Digital transformation expands an organization’s capabilities and opportunities, but it takes effort. In healthcare, for example, I recently stumbled on an interesting report stating that only 16% of healthcare providers are in the “win zone,” meeting their transformation goals and driving sustainable change. The average across other industries is over 30%. That figure may be discouraging, but it is absolutely understandable, and organizations in healthcare as well as other industries can learn a lot from the experiences of their peers.

High Risks, Big Rewards

Using technology to improve patient care and operations sounds simple, but it is a complex endeavor that takes herculean effort. The pandemic briefly diverted attention away from long-term planning, but most health delivery organizations (HDOs) and other enterprises are back to addressing their plans and priorities. They are beginning to switch back from being reactive to a proactive mode. And with good reason.

Although high stakes, high costs, and risk aversion have discouraged many in the healthcare industry and beyond from fully embracing digital transformation, the rewards are too great to ignore. And the threats, expectations and competition all organizations face are not standing still. Done well, digital transformation delivers benefits that outweigh the risks and so, for those that have been reluctant to act, the time to embrace digital transformation is now.

What’s Fueling this New Wave of Transformation?

Over the years, every organization I have worked with—no matter how big or small—boils down their core priorities to three essential goals:

  • Protecting people and the network
  • Preserving service availability
  • Improving operational efficiency

Those goals never change, even when the tools and strategies for achieving them do. And what’s more, they are transferable to other contexts as well: keeping manufacturing equipment operational and staff safe on the shop floor, preserving service availability for financial transactions, maintaining the operational efficiency of constituent services, etc. Consistent with these goals, here are some key initiatives and capabilities that are driving this new wave of transformation and pushing the boundaries of operational potential.

  • Remote workforce support (i.e., work from home);
  • Remote facility, branch, and clinic operations;
  • Contractor and equipment maintenance support and outsourcing;
  • Data center transformation and migration to hybrid cloud;
  • Digital supply chain enablement; and,
  • Mergers and acquisitions.

These use cases show how, more and more, connected devices are integral to fulfilling an organization’s mission. And as the inventory of connected devices expands—including the Internet of Things (IoT), Internet of Medical Things (IoMT), operational technologies (OT), mobile, and other devices—those deployments reflect the evolution of the technology. Assets that were once under tight control, on-premises and behind the firewall, are now expanding and connecting beyond traditional boundaries, across multiple network dimensions, and outside of the view and control of IT.

Here are some examples:

  • Access from Any Device – IT, IoT, IoMT, OT, IoXT.
  • Access from Anywhere – remote sites, remote workers, telemedicine.
  • Deployed Anywhere – private and public cloud, virtualized data centers.
  • Modern Apps/Mobile Apps – XaaS, training, collaboration, any device-anywhere-any deployment support.
  • Ecosystem – third party apps, supply chain access, mergers and acquisitions.

What Keeps the CXOs Up at Night?

IT leaders tasked with driving new digital transformation initiatives understand that success goes well beyond merely integrating new technologies and getting them up and running. Enjoying the multitude of benefits that can follow the completion of a technology refresh comes with many elements contributing to the pucker factor that keeps a CXO awake at night. An expanded and expanding attack surface is at the heart of this unease. Acknowledging that fact, and the factors that play into those concerns, is the first step in planning for and addressing them during the transformation process, rather than promising yourself that you’ll “get to it eventually.” Some pucker factors are reflected in several troubling trends.

Surge in Ransomware Attacks

Ransomware attacks are now more frequent, sophisticated, and severe than ever—and getting worse. Attackers know that many organizations will pay huge ransoms because costs associated with downtime and operational disruption may be even higher than what attackers demand. In healthcare, disruptions caused by ransomware can have life and death consequences.

Prevention is the best way to deal with the ransomware threat, but old school methods simply don’t work. Prevention demands accurate and timely detection, and response automation that can block an attack from progressing to its target destination. You need a way to detect ransomware early, before it has encrypted your organization’s files, because then it’s too late to take effective action.

State-Sponsored Attacks

Adversarial nation states have become adept at using the ambiguity of cyberwarfare to launch attacks on critical infrastructure and economic targets, as well as organizations that hold valuable intellectual property. The tools and methods developed for these campaigns are rarely confined to a limited set of organizations either, as sowing chaos is part of the strategy.

For example, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and Treasury Department issued a joint advisory about North Korean Maui ransomware targeting the healthcare industry. Similarly, Russian threat actors have been hard at work compromising connected devices and using them as a platform for attacks, including data exfiltration after establishing communications with command-and-control servers in Russia.

Digital Supply Chain Security

Digital supply chains that allow for remote and automated service between organizations have been a boon for operational efficiency—and for threat actors able to compromise those connections for their own ends. The SolarWinds Orion attack targeting U.S. federal agencies and commercial enterprises illustrated how damaging supply chain attacks can be.

Vulnerable SolarWinds servers sitting inside agency and corporate networks, operating with privileged access to IT systems, proved to be a gold mine for hackers to exploit and get whatever data they need, including high level state and military secrets.

Shadow IoT

One big security challenge faced by enterprises today is the presence of connected devices on their networks operating outside the view of IT security and operations. Known as “shadow IoT,” these devices epitomize the mantra you can’t protect what you can’t see. A recent Five Fifty report by McKinsey highlights the risk of the proliferation of devices connecting to the network as shadow IoT (such as the infamous hack of a casino using a connected aquarium thermometer as the vector of attack) and lack of readiness for most organizations.

Often these systems operate with outdated OSes, are unpatched, and unmanaged. Without proper onboarding—or a security platform able to detect, identify, profile, and monitor any device that connects to the network—any organization with shadow IoT operating within its IT estate is at risk of an attack.

How Ordr Helps Enable Secure Digital Transformation

Ordr’s mantra from the beginning has been to enable our customers to SEE, KNOW, and SECURE every device that is connected to their organization. To do this, we establish the most comprehensive and accurate single source of connected device truth in the Ordr Data Lake for each of our customers. This starts with automatically discovering and accurately classifying every connected device because you can’t secure what you can’t see.

From this foundation of visibility Ordr provides a complete view of the connected device attack surface including how devices are connected and communicating, which devices are vulnerable, and the unique risk each device represents in the environment.

Integrations across the security, networking, and IT ecosystem are integral to the Ordr solution. These integrations enhance the already rich view Ordr has of connected devices by centralizing additional data points and device details. A good example of this are the recent integrations with Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) platforms in the recent Ordr 8.2 release.

Integrations also enable Ordr to enrich the tools and workflows used every day and improve how teams manage and secure devices. An example here is the recent integration with the ServiceNow Service Graph Connector to help customers ensure the data in their CMDB is complete, up to date, and accurate. Another example is how Ordr device insights are used to optimize vulnerability scanning with Qualys.

Integrations also help teams take action to address vulnerabilities, respond to active threats, proactively improve protections, and ultimately reduce risk. Ordr automates the creation of security policies and enforces those policies by integrating with a customer’s existing security and network infrastructure. With this approach Ordr customers are able to quickly block attacks, quarantine compromises devices, segment vulnerable devices, and accelerate Zero Trust projects to proactively improve security.

We continue to drive innovations across the Ordr platform and expand with integrations across the security, networking, and IT ecosystem to provide our customers with a single source of truth for all their connected devices. Reach out for a demo and to learn how Ordr can help you SEE, KNOW, and SECURE, all your connected devices.


It’s a new year, and with so much uncertainty, seven of Ordr’s executives and subject matter experts offer ironclad predictions for what to expect in connected device security in 2023.

Bryan Gillson – Head of Vertical Market Strategy

As a result of the convergence of information technology (IT) and operational technology (OT) and expanding connectivity of once isolated industrial infrastructure, there will be a notable increase in attacks targeting OT. Ransomware, cyberterrorism, and other attacks will be the unfortunate result and critical infrastructure environments will be a primary target.

OT like industrial control systems (ICS), supervisory control and data acquisition (SCADA), and similar equipment was once protected by air-gapping their networks from traditional IT and the internet (the Purdue Enterprise Reference Architecture, or Purdue Method). However, as trends like remote supervision, automation, and digital supply chain management have taken hold, greater levels of connectivity have opened those once isolated environments—including legacy systems running obsolete, unsupported, and unsecure equipment—putting them in reach of threat actors who have proven themselves all-too willing to take advantage of any vulnerability, and any type of organization.

Jim Hyman – CEO

CISOs and cybersecurity champions inside more organizations will see a sharp increase in support as corporate boards bring in cybersecurity expertise. When the U.S. Federal Trade Commission (FTC) issued guidance last year putting corporate boards on notice that “data security begins with the Board of Directors,” it added fuel to a process that had been slowly gaining momentum in recent years by elevating the issue of cybersecurity within corporate governance. In 2023 that process will translate to meaningful support for security initiatives, including budgets and staffing.

Similarly, in 2023 more organizations will be held to account for their lax security programs and we can expect to see greater attention given to the issue of cybersecurity by federal legislators. Lawmakers are growing impatient with corporate inaction even as threats begin to affect individuals amid attacks on critical infrastructure, including hospitals. As Senator Ron Wyden told MIT Technology Review, “There’s a tendency to hype the capabilities of the hackers responsible for major cybersecurity incidents, practically to the level of a natural disaster or other so-called acts of God. That conveniently absolves the hacked organizations, their leaders, and government agencies of any responsibility.”

In 2023 more organizations will be held to account for their lax security programs and we can expect to see greater attention given to the issue of cybersecurity by federal legislators.

Kahil Thomas – Regional Sales Manager, Healthcare

Inventory tools like configuration management databases (CMDBs) and computerized maintenance management systems (CMMSs) will play an increasingly critical role in cybersecurity as the number of connected devices continues to soar and organizations turn to automated solutions to scale security efforts. The importance of these tools , in turn, will prioritize the need to automate the collection of asset details, aggregate data from multiple sources, and ensure accurate, real-time information.

Gartner has identified the expansion of cyber-physical systems, including IoT and other connected devices, as a major risk for organizations that fail to account for all assets across their environment. Human effort alone is not capable of keeping up with the growth of connected devices and that is why automation is essential to all cybersecurity related tools.

Gnanaprakasam Pandian – co-founder and Chief Product Officer

In 2023, organizations will finally have a single, unified asset knowledgebase for cyber security. This is essential to achieving and maintaining a Zero Trust security posture that spans IT, OT, and IoT. That is because maximizing protection demands there be no blind spots; and gaining a unified view of all connected assets, along with their essential business context, is foundational for cyber security today. That capability represents the keys to the cybersecurity kingdom, and it will be available to most organizations in 2023. Many organizations (but not all) will embrace it.

Also, the era of proactive protection using behavioral models will finally displace the era of reactive remediation. This will relieve a tremendous burden from security teams that currently spend an enormous amount of energy on reactive remediation and allow them to apply their skills to other areas of security, like optimization, automation, and forensics. Effective security means knowing what a device does much more than what the device is. Hence, behavioral modeling of devices will form the foundation of threat detection and automated response.

The era of proactive protection using behavioral models will finally displace the era of reactive remediation.

Darrel Kesti – VP of Sales

Healthcare will see an increase in mergers and acquisition activity in 2023 as a result of the financial toll on the industry since early 2020, including effects related to both the pandemic and a sharp increase in costly cyberattacks. Smaller and independent hospitals, clinics, and related service providers that are no longer able to deliver a high quality of care will see some operations shut down while others will be absorbed by larger providers, extending their reach and expanding their market footprint. But because many smaller healthcare organizations have been targeted relentlessly by threat actors, acquiring organizations must be careful to conduct thorough due diligence to determine if any threats exist before merging IT estates.

We will also continue to see an increase in cyber insurance premiums and coverage limitations in 2023 across healthcare and all other industries. As a result of the growing number of claims and increasing scrutiny, cyber insurance providers will demand greater documentation of essential security controls and will refine their audits and reviews to verify adequate security measures are in place, paying close attention to the complete 3PT (People, Process, Policy, and Technology) elements of security programs to reduce their risks.

Bryan Wallace – Head of Partner Sales

Network administration teams will be squeezed between being short-staffed due to a tight labor market and tightening budgets even as security requirements and expectations increase in the coming year. Trends toward network segmentation, Zero Trust implementation, and complete cyber asset attack surface management (CAASM), among other network-centric security priorities, will push organizations toward adopting new tools to simplify the definition and implementation of rigorous security policies (e.g., firewall, NAC, switch ACLs) and that allow teams to do more with less.

Similarly, both security and network teams will require a unified view of inventory and risks across IT, OT, and IoT assets as connectivity between industrial and administrative networks continues to expand. The blending of these environments will increase complexity and risk, while making security and IT operations management impossible without the right (automated) tools.

Trends toward network segmentation, Zero Trust implementation, and complete cyber asset attack surface management (CAASM)… will push organizations toward adopting new tools to simplify the definition and implementation of rigorous security policies

Paul Davis – VP of Customer Success

Cyberattacks targeting the healthcare industry will continue to increase, driving legislation at the state and federal level in the U.S., and abroad, while also prompting the industry to adopt stricter security standards on its own. In response, healthcare organizations will look for ways to generate efficiencies for security in what are often complex organizations.

With the overlap between traditional IT security teams and biomed/clinical engineering becoming more apparent, there will be pressure to adopt monitoring and security management tools that address requirements across the teams in 2023. The goal of these efforts is to improve visibility of the attack surface and response to threats while providing a more consistent and effective way of communicating security risk across the whole organization.


Cisco has been a mainstay of Silicon Valley for decades, launched in 1984 by two Stanford University computer scientists with a vision of creating technology for the “network of networks” that paved the way for interconnecting the entire world into a single seamless system as we see today. Its fortunes have ascended as its hardware became ubiquitous. Now ranked No. 63 on the Fortune 100 list, Cisco has recently eclipsed Microsoft as the world’s most valuable company.

Not surprisingly, Cisco hardware has made its way into the digital infrastructures of tens of thousands of organizations over the past three-plus decades. The Cisco Catalyst 9000 Series is Cisco’s flagship switching portfolio. Enterprises worldwide rely on the Cisco Cat9k to power transformative solutions, not only as part of its core capabilities but also via a variety of Cisco and partner applications hosted on the switches. Today, Ordr announces the ability of our sensor to be deployed as a hosted application on the Cat9k, which not only extends visibility and insights on connected devices to any site a Cat9k switch is deployed but also extends Zero Trust segmentation to the edge. This, together with our recent offering on the Meraki Marketplace provides every Cisco Identity Services Engine (ISE) and Software-Defined Access (SDA) customer with a seamless way to accelerate their deployments.

But before we get into the details, let’s take a look at why such protections have become increasingly important in the past several years.

The Rise of Threats on Connected Devices

Many connected devices, including but not limited to IoT (Internet of Things), IoMT (Internet of Medical Things), and OT (Operational Technology) were primarily intended to communicate with each other or within a closed system. As long as the transmissions remained within the confines of a manufacturing plant, a hospital, or another facility, it was unlikely that an outsider could tap into them and cause harm.

That changed as information transmitted through connected devices evolved to provide core business functions – merging the overall IT infrastructure of an organization with its operational functions. Digital transformation has hastened this shift, potentially affecting countless devices in numerous scenarios that the term “connected devices” has been recently coined and gone mainstream. It’s meant as an umbrella term for the host of connected cyber-physical systems, not just IoT, OT, but industrial control systems (ICS), industrial devices (IIoT), medical devices (IoMT), and facilities devices controlling such things as elevator and HVAC functions and everything in between.

The threats and risks these connected devices introduce are not just theoretical. The healthcare industry is among the most frequently targeted by threat actors and is heavily reliant on connected medical devices. The average hospital has an inventory of more than 3,850 IoMT devices. The attack surface is larger and more complex than most if not all other industries. Poor security and lack of visibility can have life or death consequences as digital risk expands into having a very real physical impact.

Threats have also manifested in the manufacturing sector, which has jumped from an area largely ignored by cybercriminals a few years ago to the number one target for ransomware in 2022 according to IBM Security’s X-Force Threat Intelligence Index 2022. The jump is due largely to the shift to Industry 4.0, a term used to describe the increasing interconnectivity between manufacturing facilities and external information sources.

Attack surfaces have expanded not just for healthcare and manufacturing but for every organization that has embraced digital transformation including financial services, retail, government, education, public sector, and utilities. Whether it be protecting a connected camera, a patient’s infusion pump, a programmable logic controller (PLC) on the manufacturing floor, or host of other critical connected devices, the need for security has never been more important.

The Cisco+Ordr Solution – Establish Trust at Point of Access

The Cisco+Ordr collaboration embraces and enables Zero Trust – a strategic approach to security that centers on the concept of minimizing the attack surface by enforcing trust from an organization’s network architecture. The Zero Trust model of security prompts you to question your assumptions of trust at every access attempt. This comprehensive solution to secure all access across your applications and environment, from any user, device, and location, allowing you to mitigate, detect, and respond to risks across your entire environment.

A Zero-Trust approach:

  • Establishes trust in every access request, no matter where it comes from
  • Secures access across your applications and network
  • Extends trust to support a modern enterprise across the distributed network

The Building Blocks…

Using the Catalyst 9000

To address the requirements of securing connected devices, Ordr has added 2 new Cisco product integrations including its sensor technology on the Cisco Catalyst 9000 Series Switches and advanced data learning from Cisco Meraki Systems Manager to extend end-to-end visibility and security across the entire organization.

The Ordr sensor for the Catalyst 9000 allows organizations to deploy the sensor as a hosted application on the switch to scale data collection across campus environments or extend Ordr to locations where it’s not possible or practical to deploy an Ordr hardware sensor – to secure devices in branch offices, smaller remote locations, and the like.

So equipped, customers know what devices are in their environment, their physical location, the essential details for each device, whether they are behaving normally, and how to secure them. Ordr gains this level of insight by continuously collecting and analyzing data from sensors as well as switches, routers, wireless controllers, firewalls, and other devices in the network. Insights from Ordr’s analysis helps teams maintain an up to date device inventory, meet compliance requirements, and quickly respond to contain active threats. Ordr insights also provide context essential to defining and implementing Zero Trust policy with solutions such as Cisco ISE.

A Cisco Meraki Ecosystem Partner

Ordr now is also a Cisco Meraki Ecosystem Partner, so customers can analyze their Meraki cloud data with Ordr and gain a central, single source of truth to see, know, and secure all their connected devices. For businesses that have switched to remote workforces since the emergence of the pandemic, this is an efficient way to safeguard from potentially dangerous devices used in home offices among other locations outside of typical corporate protections.

Integration with Multiple Solutions

Ordr’s close relationship with Cisco over the years means that it now integrates with multiple solutions. In addition to those previously named, Ordr integrates with Cisco TrustSec, Cisco Secure Networks Analytics (Stealthwatch), and Cisco Prime Infrastructure. Ordr also integrates with Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls through Cisco ISE.

Ordr integrations across the Cisco portfolio help customers add the end-to-end visibility and security needed to accelerate segmentation and Zero Trust projects with CiscoISE and SDA solutions. Most importantly for organizations that are struggling with connected device security, Ordr’s device classification, network awareness, security intelligence, and auto-generated enforcement rules provide context needed to simplify the process of creating, provisioning, and managing connected device segmentation policies.

Quick Deployment and Improved Security

The Ordr sensor for the Catalyst 9000 is deployed in a matter of minutes as a pre-packaged Docker container on any Catalyst 9000 switch supporting application hosting. Cisco DNA Center can be used to deploy the Ordr sensor on hundreds of Cisco Catalyst 9000 switches with a few clicks, then combined with Ordr SaaS managed service, customers gain insights and improve device security across connected devices in a matter of hours.

See-Know-Secure with Ordr+Cisco

Ordr’s deep integrations across the Cisco portfolio help customers add the end-to-end visibility and context needed to protect connected devices and accelerate the deployment of Cisco ISE and SDA solutions. Ordr’s device classification, network awareness, security intelligence, and ability to auto-generate enforcement rules simplify the process of creating, provisioning, and managing IoT, IoMT, and OT segmentation policy.

For more information about how Ordr can help strengthen the visibility, security, and overall management of connected devices across all your Cisco deployments, please visit www.ordr.net/partners/cisco and attend the Ordr Masterclass on May 19th.


The connected device security market has been heating up over the last five years, as evinced by Palo Alto Networks’ acquisition of Zingbox in 2019, the CyberX acquisition by Microsoft in 2020, and Insight Partners’ purchase of Armis, also in 2020. This week’s announcement of Claroty’s acquisition of Medigate continues the trend and leaves no doubt that device security is a high priority for enterprise cybersecurity. This is a very large market that will do nothing but accelerate as the number and variety of connected devices – and the potential attack surface – continues to expand.

The recent Claroty-Medigate news validates Ordr’s “whole enterprise approach” to device security, and our widely shared perspective that IoT/OT are converging–and that you need a security strategy that spans both these environments to protect the enterprise. That has been our strategy from the outset: providing a single, simple solution to provide visibility and security to every connected device. While our competition focuses on integrating disparate, complex solutions created for distinct market segments, we will instead keep our focus entirely on the needs of our customers.

When we speak to our customers, it’s clear that security leaders across industries recognize the urgent need to discover and secure the full spectrum of connected devices in their environment. That’s why Ordr customers benefit from our sole focus on their resilience against attack, encompassing every vulnerable device, from highly specialized equipment to general IT, IoT, and building infrastructure. Enterprises choose Ordr because we deliver:

Architecture leadership: We are a platform built from the ground up to address the visibility and protection of any connected device—IoT, IoMT, and OT. This means we deliver not only granular details about every device, but also how it is communicating, its network connectivity and flows, and its risks and behavior. Our ability to then automatically generate policies to secure any vulnerable device (on existing infrastructure like firewalls, switches and NAC) is a game changer, saving not just hours in resources, but reducing errors in manual policy creation and preserving ROI in existing infrastructure investments.

Customer-first culture: Our investments in and commitment to customer support, technical excellence, and professional services ensures success for the long-term. KLAS Research says, “Ordr’s culture of flexibility and willingness to partner stands out as reasons they are selected.” That’s because our team is easy to work with and has the integrity to deliver what we promise.

Proven deployments: We’ve been doing this since our first product availability in 2017. With every deployment, our Ordr Data Lake, our device database, and the number of network flows we monitor grows. Our team has proven track record of success in discovering and securing every connected device across its entire database. Together with our customers, we’re sharing these best practices in external conferences like HIMSS, AAMI, Manusec, and CSO50 to ensure the entire security community benefits from best practices.

If you are among those enterprises grappling with the challenges of securing your complex, hyper-connected infrastructure against cyberattacks, the good news is you don’t have to wait months or years for an integrated solution. With Ordr, you can get the visibility into your IT/IoT/OT environment that you need, with the ability to secure and protect your assets today.

Ordr has the platform you need now. Get in touch with us to learn more.