Asset Discovery
Sector-aware discovery and inventory of IT, OT, and IoT assets across the cloud-to-edge path — because security starts with knowing what you have to protect.
Overview
Security starts with knowing what assets you have to protect. In most critical-infrastructure environments, that turns out to be the hardest question to answer: spreadsheets disagree with the network, the network disagrees with the engineering drawings, and the engineering drawings disagree with the field. Cloud-connected OT and IoT have made it worse — assets appear, change firmware, and acquire new network paths without anyone updating the source of truth.
Without an accurate inventory, every downstream control is partial. Vulnerability management misses the assets it doesn’t know about. Incident response cannot contain what it cannot find. SOCI and CIRMP reporting cannot be evidenced. Insurer questions stay unanswered.
xCIRT’s Asset Discovery service produces a defensible, sector-aware inventory across the full cloud-to-edge path, and leaves you with the process and tooling to keep it current.
What’s included
- Cloud workload discovery — Hyperscaler and sovereign-cloud accounts: compute, identity, storage, network exposure, and any cloud-to-OT integration paths.
- IT estate discovery — Endpoints, servers, identities, internet-facing services, jump hosts, and remote-access pathways.
- OT environment discovery — PLCs, RTUs, SCADA, historians, HMIs, engineering workstations, safety systems — discovered passively where active scanning would be unsafe.
- IoT / IIoT discovery — Field gateways, smart meters, sensors, and the telemetry pathways aggregating them.
- Dependency mapping — Which systems talk to which, across the IT/OT boundary and out to cloud and field assets.
- Classification — Criticality, regulatory scope (SOCI, AESCSF, IEC 62443 zone), data sensitivity, ownership.
- Gap report — Assets discovered that weren’t in your existing CMDB, and CMDB entries that no longer match reality.
- Living inventory handover — Tooling and process for keeping the inventory current, not a one-off PDF that goes stale in a quarter.
How it works
- Scoping — Define the in-scope environments and any sensitivities (safety-critical systems, change windows, segments where active discovery is prohibited).
- Passive discovery first — On OT and safety-critical segments, traffic-based discovery only. Active scanning is gated behind explicit authorisation and operations sign-off.
- Active discovery where safe — Standard tooling for IT, cloud APIs for hyperscaler estates.
- Reconciliation — Cross-reference against existing CMDB, asset registers, engineering drawings, vendor inventories.
- Classification and report — Findings, gaps, prioritised actions, and recommendations for sustaining the inventory.
Outcomes
A defensible asset inventory across IT, OT, IoT, and cloud — sector-classified, regulator-ready, and structured to feed the rest of your security programme. Vulnerability management, IR planning, CIRMP evidencing, and SOCI reporting all start working from a real source of truth rather than from a best-guess spreadsheet.