See Everything and Break Nothing: Unlocking Connected Device Visibility with Asimily

Before a security team can reduce risk, they have to know what they’re protecting. That sounds obvious, yet it’s where most cybersecurity programs quietly break down. You cannot prioritize a vulnerability on a device you have never seen, and you cannot enforce a policy around traffic you do not understand. Device visibility is the foundation on which everything else stands.

So how is that visibility actually obtained? The method you use to collect device data determines what you can safely see and, in some environments, whether a device keeps working at all – underscoring the need for caution when building a comprehensive inventory. So this is worth slowing down for. Asimily was purpose-built to address this challenge. In this article, we’ll uncover how Asimily’s Proactive Cyber Defense Platform collects device data and why its approach deliberately varies by device type and environment.

Related: How Poor Device Visibility Undermines Segmentation Efforts

The Passive Foundation

Asimily’s device inventory capability starts with passive and agentless network monitoring for every environment Asimily covers: networked devices, including the Internet of Things (IoT), Operational Technology (OT), Information Technology (IT), and even medical devices (IoMT).

Passive monitoring relies solely on a mirrored copy of network traffic, delivered through a switch feature commonly called SPAN, TAP, or port mirroring. Because it works on a copy of the network, passive monitoring never disrupts the path of live traffic. The original flow is untouched, and the devices themselves are never poked, probed, or taken offline. 

On that mirrored traffic, Asimily performs full-duplex deep packet inspection (DPI), essentially decoding both directions of a conversation. Asimily reads and interprets the protocols in use, then applies machine-learning traffic analysis to recognize each device and classify it. The output is a detailed picture: device type, function, manufacturer, the services it runs, what it talks to, and the patterns that qualify as normal for the device.

This level of deep understanding is possible because Asimily natively parses many hundreds of OT and medical device protocols – the specialized languages that programmable logic controllers, building systems, medical devices, and industrial equipment actually speak. That breadth of coverage is why the passive layer alone can identify the kinds of devices that agent-based tools routinely miss. It is also why the approach holds up in the field across more than 3,000 customer sites spanning manufacturing, utilities, healthcare and critical infrastructure.

Related: Asset Inventory is the Cybersecurity Foundation You Need

The Role of Active Scanning

There are other methods for gathering device information. In Safe active scanning, packets are sent as well as received and analyzed. Safe Active scanning involves directly querying a device to confirm attributes that passive observation might only infer, such as an exact firmware level or a specific service configuration.

For IT, IoT, and OT devices whose manufacturers encourage it, active safe scanning is a legitimate and useful tool, applied where it is safe and authorized. For many assets, Asimily uses manufacturer-supported methods designed for that device, so the interaction stays within what the device was built to handle.

To provide the most comprehensive view of your devices, Asimily integrates with other platforms that provide helpful context, consolidates and normalizes this information, serving as your source of truth for all cyber assets. This includes a whole range of solutions like EDRs, IPAM, CMMS, CMDB, Device Management tools, Network Management tools, VM scanners, NACs, Firewalls, and many others. For example, if an organization already runs authorized active vulnerability scanners, Asimily ingests those results and folds them into its own analysis. Existing data enriches the device inventory. The result is consistent and intuitive: passive by default, active where it is safe, and consolidated and normalized data across the environment. 

Related: Passive vs. Active Scanning for IoT Security

Unified Visibility for All Devices

What does this mean in the real world?

For fragile, legacy, or highly sensitive devices, Asimily relies on passive observation only. It does not run active scans against equipment that cannot tolerate unexpected network traffic. This is a deliberate safety choice to ensure critical devices are never disrupted.

But for the growing number of modern devices that are amenable to active and passive scanning, there are advantages to active scanning. Active scanning directly addresses the ultimate goal: the most accurate data available about a device, rather than inferred information from network traffic. A combination of active and passive data gathering provides an excellent quantity and quality of device information to inform strategic cybersecurity decisions. In fact, unless the manufacturer is deliberately hiding information about their devices, active and passive detection should provide as much information as can ever be gathered.

From Visibility To Prioritized Action

Collecting data is the means to achieving comprehensive device visibility, not the end goal of a cybersecurity program. The reason Asimily works this hard on the ‘how’ is that accurate device context is what makes every subsequent step trustworthy.

This data enables Asimily customers to take the most valuable actions to maximize security. End users can make changes to their environment with confidence based on the visibility data that exists from Asimily. Without this necessary visibility, those actions are built on an incomplete foundation. 

Get a full custom demo of the Asimily platform. Contact us today.

Secure Every IoT Device.
Automatically.

Cyber threats move fast — so should you. Asimily gives instant inventory and smart, prioritized risk mitigation insights for every IoT, OT, and IoMT device — so you can take action before threats strike.