ot.whisper.online · compare

Your OT platform sees what's on the network — not whether anyone can prove this asset is who it claims.

Dragos, Claroty, Nozomi, Armis, Forescout, Xage — each is good at what it does, and you should keep running every one of them. But the intrusion survives the whole stack, because it walks two seams no single tool was built to close: attribution that crosses the org boundary when the egress rotates, and an asset identity a third party can verify without logging into anyone's platform.

Whisper is those two layers — and only those. Additive, never a replacement: it turns your inferred inventory into cryptographic identity, closes both gaps, and makes the MUD your devices already declare actually enforceable. The address is the asset — provable, from the key it already holds, and no one can forge it.

whisper verify --trustless — the one differentiator every tool here lacks: you never have to trust our API.

2 gaps publicly-verifiable identity + cross-org attribution — the two seams no OT tool closes
0 rip-and-replace — Whisper rides on top of your OT visibility and SOC
RFC 8520 the MUD a device already declares — made enforceable at its own /128
STIX 2.1 a machine-readable feed (CEF · ECS today) — TAXII export on the roadmap
flat per-asset, per-year — not per-connection, not usage-metered
trustless verify an asset's identity without trusting our API

Every tool here is good. The incident survives in the seams between them.

The OT intrusion — reach an exposed asset, ride a converged IT foothold across the Purdue boundary, issue a valid-looking command over shared, rotating egress — passes every perimeter check on purpose. Strip it down and it leans on exactly two structural gaps. Here's which category of tool leaves each one open, and why.

Gap 1 · attribution stops at the firewall

The visibility vendors baseline behavior beautifully inside your network — but a hostile session arrives over shared, rotating egress, and behavioral fingerprinting stops at the Purdue boundary. You see the last IP inside your own DMZ; it was never the operator. Rate-limit it and they spin up a fresh cloud IP or a residential exit, and you correlate nothing across the vendor/integrator boundary.

Only Whisper closes it — the graph. A live internet-infrastructure graph — 7.44B nodes and 39.3B relationships of fused BGP, DNS, WHOIS, TLS, hosting and threat intel, answering in under 300 ms — fingerprints the operator, not the IP. Cloud rotation collapses into one infrastructure genealogy (shared ASN, hosting, certificate lineage); a residential swarm collapses on a JA4/JA3 client fingerprint that travels with the tooling regardless of the exit. Every answer is a reproducible evidence chain your auditors, your integrator and a regulator can replay — the one thing we never rely on is the last IP.

Gap 2 · no one outside your fabric can prove the asset

In OT a device cannot prove who it is, and a controller cannot verify what it is told — a valid-looking command from anywhere with reachability is obeyed as if it came from the plant operator. Visibility vendors infer identity from behavior — a probabilistic label, scoped to the monitored network, non-revocable off-box. Even the good key-derived names the industry already has stay trapped locally: OPC UA binds an ApplicationUri into the app-instance certificate, but trust is a per-site TrustList — public CAs are explicitly discouraged, and revocation is a local CRL edit no one across the boundary ever sees.

Only Whisper closes it — identity. Take the identifier the asset already carries — its OPC UA ApplicationUri, its 802.1AR IDevID, or its nameplate serial — and bind it to a routable, forge-proof /128 derived from the asset's own public key, DNSSEC-anchored and DANE-EE pinned. Now a regulator, an insurer or a peer operator can verify it against the IANA root without ever logging into your platform — and the MUD the device already declares becomes an egress rule enforced at that /128, not a suggestion at the nearest switch. The declaration finally becomes proof.

Gap 1 is detection made durable across rotation and across the org boundary. Gap 2 is the root cause removed — an identity anyone can check and you can revoke worldwide in one call. No tool you already run was built to close either; that's the white space, and it's exactly the two seams the 2023–25 wave of opportunistic OT intrusions walks through.

The intrusion asks three questions. Your stack answers only the first.

Line the categories up against the questions an incident actually forces you to answer, and the picture is honest and simple: the network layer is well covered, and the two layers underneath it — attribution across the boundary, and identity anyone can verify — are the seams.

the intrusion asks three questions — your stack answers only the first ① What's on my OT network — and is it behaving? visibility & detection layer — passive/active discovery, inside your fabric Dragos · Claroty · Nozomi covered — inventory + anomaly GAP 1 ② Who's behind this connection, across rotation? attribution — cloud hops + a residential swarm, across the org boundary behavioral fingerprint — partial stops at the Purdue / firewall boundary GAP 2 ③ Can anyone outside prove this asset is who it claims? identity — inferred from behavior, or private-rooted in a vendor fabric no tool spans the org boundary Whisper additive — closes Gap 1 + Gap 2 operator fingerprint · JA4 DANE-EE /128 · asset's own key MUD egress → your SIEM STIX 2.1 · TAXII · CEF · ECS feeds ① the two seams every OT intrusion walks through — and the only layer that spans them
Additive by construction: Whisper owns the two layers no one else does, and hands the first layer a sharper feed. Keep your OT visibility and your SOC — Whisper closes what they can't reach.

Visibility tells you what is on the network. Xage roots identity privately. Whisper makes it publicly verifiable.

Two neighboring categories, and us. The OT visibility & detection incumbents — Dragos, Claroty xDome, Nozomi, Armis, Forescout, Tenable OT, Microsoft Defender for IoT — own protocol visibility and anomaly detection; their identity is inferred from behavior, appliance- or SaaS-scoped, and their attribution stops at the firewall. Xage is the one genuine identity peer: real OT identity and a zero-trust fabric, now extending to AI-agent identity — but private-rooted and overlay-scoped. Here is the honest grid.

Capability OT visibility / detection OT zero-trust identity (Xage) Whisper
OT protocol visibility / discovery / inventoryadditive feed · consumes their inventory
OT anomaly / threat detection
Remote / privileged access control to assetscomplements
Per-asset device identity — how rootedinferred from behaviorprivate CA / ledger / appliance overlay✓ DNSSEC + DANE, publicly rooted
Publicly verifiable by a 3rd party — no vendor platform in the loop
Identity from the asset's existing key — no new agent / appliance inline— needs mesh / broker / sensor
Cross-org attribution across rotating cloud / residential egress— in-network only
Cross-org revocation at DNS-TTL✓ within its own fabric only✓ internet-wide
MUD (RFC 8520) egress bound to a globally-verifiable identitypartial · local allowlistspartial · policy at the broker

"My visibility platform already discovers every asset and flags anomalies. Isn't that identity?"

It's an inference, not a proof. A behavioral inventory gives you an excellent probabilistic label — this looks like a Siemens S7 on line 3 — scoped to the network you can see, and it evaporates the moment you ask a party outside that network to trust it. Whisper turns that inferred label into a cryptographic fact anyone can check against the IANA root, from the key the asset already holds, and revoke in one call. We don't replace the discovery — we consume it and make it verifiable.

Xage secures identity inside your fabric. Whisper makes identity verifiable outside it.

Xage is the closest neighbor on this page, and a serious one: real OT identity, a zero-trust fabric with local enforcement that survives site isolation, credential vaulting and session control, and — like us — a move into non-human, AI-agent identity. We respect it. The difference is the root of trust: Xage anchors identity in its own distributed ledger and enforces it at Xage nodes in the path; Whisper anchors identity in the public DNS and puts nothing in the path at all.

Same zero-trust spirit, opposite root of trust. With Xage, a regulator, insurer or peer operator has to join or log into the fabric to verify an asset. With Whisper, they run dig and whisper verify --trustless against the IANA root — no platform to join, no appliance to trust, and our own API deliberately outside the trust path. And because the /128 is derived from the key the asset already holds, there's no mesh to put in-line and no new agent to flash onto a fielded, brownfield fleet.

the same OT asset its own existing key private root — inside the fabric Xage fabric · mesh nodes private ledger / CA · enforced in-path must join the fabric regulator · insurer · peer operator verifies only from inside the platform public root — on the internet /128 · DNSSEC · DANE-EE · RDAP public DNS · nothing in the path no account regulator · insurer · peer operator dig + whisper verify --trustless same zero-trust spirit — opposite root of trust
Xage's in-path enforcement is a real strength — it survives site isolation. Whisper's out-of-path public anchor is a different strength — anyone can verify the asset without your platform, and you can revoke it internet-wide in one call. They are complementary roots, not the same one.

The rest of the neighborhood secures something adjacent, not the asset's own identity. Cyolo, Dispel, Claroty xDome Secure Access, Cisco Cyber Vision + Secure Equipment Access, Zscaler PRA broker the human, privileged session to an asset — user, role and session-centric, appliance- or cloud-mediated — and they complement us: they authorize the operator, we prove the machine. TXOne allowlists and auto-segments at the host and segment — local by design. None of them makes an asset's identity verifiable across the org boundary, and none makes MUD enforceable at the asset's own address.

Every platform here, you must trust. Ours, you don't have to.

Every console and fabric on this page asks you to trust its verdict. Whisper's core claim — this address is that asset — is checkable by anyone against the IANA DNS root, with our own API deliberately outside the trust path. No account required. And the same names give you a reconnaissance tripwire the private registries never did: see who's enumerating your plant before the write lands.

verify & watch — no key required
# keyless — re-derive and verify any asset's identity, trustless
$ whisper verify --trustless 2a04:2a01:71c::a55e
  ✓ DNSSEC chain valid to the IANA root
  ✓ DANE-EE (TLSA) leaf matches the asset's OPC UA app-instance key
  ✓ RDAP: registered under AS219419 · 2a04:2a01::/32
  identity: VERIFIED — and our own API was never trusted

# the address is the asset — reverse DNS names it
$ dig -x 2a04:2a01:71c::a55e +short
  plc-line3-04.ot.acme-plant.whisper.online.

# who's enumerating your plant — a recon tripwire, before the write lands (keyless)
$ curl -s https://whisper.online/ip/2a04:2a01:71c::a55e/lookups
  17 TLSA + PTR lookups in 6 min from one operator across 3 clouds → flagged

# who really operates a suspicious controller — the public graph API, with your key
$ curl -s https://graph.whisper.security/api/query -H "X-API-Key: whisper_live_xxx" \
    -H 'content-type: application/json' -d '{"query":"CALL whisper.identify(\"34.90.x.x\")"}'
  operator:  <fingerprinted> · seen across AWS / GCP / Azure
  residential swarm collapsed by JA4: same tooling, 41 exit IPs → 1 operator
provision & enforce the MUD — with your key
# bind the asset to the OPC UA ApplicationUri it already carries
$ export WHISPER_API_KEY=whisper_live_xxx
$ curl -s https://graph.whisper.security/api/query -H "X-API-Key: $WHISPER_API_KEY" --data-urlencode "q=CALL whisper.agents({op:'connect', args:{tier:'wireguard',
       identity_public_key:'<base64 SPKI of the asset key>',
       device_id:'urn:acme-plant.example:opcua:LINE3-PLC-04'}})"   # device_id = the OPC UA ApplicationUri
  → identity 2a04:2a01:71c::a55e   DNSSEC + DANE live

# the MUD the device already declares — now enforced at its own /128, default-deny
$ whisper policy set --default deny \
      --allow mud.acme-controls.example,scada.acme-plant.example   # its maker's cloud + its controller
$ whisper kill --revoke 2a04:2a01:71c::a55e   # cross-org, worldwide, at DNS-TTL

Whisper is one layer, done well. It sits beside these — not over them.

Plenty of good vendors own the sensor, the session and the segment. That's a different lane, and we don't claim it. Naming the boundary is the point: it's how you know exactly what you're buying.

OT protocol visibility, discovery & anomaly detection

Passive and active discovery across 600+ ICS protocols, CMDB inventory, ML process-baselining, KEV and CVE management — Dragos, Claroty xDome, Nozomi, Armis, Forescout, Tenable OT, Microsoft Defender for IoT. Whisper does none of it and doesn't pretend to; it consumes that inventory and turns an inferred label into a verifiable, revocable identity. Additive; it runs beside us.

Remote & privileged access brokering

Securing the human, privileged session to an asset — MFA, vaulting, session recording, jump-hosts — Cyolo, Dispel, Claroty Secure Access, Cisco SEA, Zscaler PRA. That authorizes the operator; Whisper proves the machine and attributes the connection. Fully complementary — they gate the human, we identify the asset.

In-path protocol enforcement & segmentation

Host allowlisting, auto-segmentation and protocol-aware firewalling in the command path — TXOne and the broker-gateways. Honest scope: Whisper changes who may reach and speak to a device, and attributes who did — it does not add authentication to Modbus / DNP3 / PROFINET on the wire, and it can't stop a purely-internal write once an attacker already holds an OT-segment foothold. That last inch must be enforced in-path; we say so plainly.

We don't do OT protocol visibility, anomaly detection, asset discovery, or remote-access brokering — the incumbents are excellent at those, and we consume and complement them. Whisper is the publicly-verifiable, key-derived, internet-attributable identity layer — the one thing on this page that closes both seams — and it's honest about being exactly that.

No new silo. Mapped to your standards. Availability-safe by construction.

The additive posture isn't just tidy architecture — it's what makes the buy defensible. Nothing you already run gets torn out; one line item closes two gaps, makes MUD enforceable, and feeds everything else.

A feed, not another console

The Splunk, Microsoft Sentinel and OpenCTI connectors ship today. Findings map to CEF and ECS, with STIX 2.1 over TAXII export on the roadmap. Zero analysts babysitting a new pane of glass — the finding lands where the SOC already looks.

Speaks your compliance language

A verifiable per-asset identifier maps to IEC 62443-4-2 CR 1.2 and the zones-and-conduits of 62443-3-3; a one-call revoke and default-deny egress evidence EU CRA Annex I 2(d)/(j)/(l) (the 2027 CE deadline), CISA CPG 2.0 IPv6-inventory (near-verbatim), and TSA / NERC segmentation. Honest: identity ≠ full auth — the asset still does its OPC UA / TLS handshake; we make it globally verifiable and attributable, we don't replace it.

Flat, forecastable TCO

Per-asset, per-year and flat — not per-connection, not usage-metered. ROI in analyst-hours saved correlating disposable IPs, blast radius reduced to a single asset, and one revoke instead of a site-wide reset across the vendor boundary. See pricing →

On-prem or your own tenant

Data residency by construction — the graph and the per-asset logs stay where your regulator needs them. The identity plane is built to fail open: a Whisper outage never bricks a PLC; checks degrade to your existing anchors, and there's no inline OT chokepoint to add.

Nothing issued in the dark

Every identity mint and every revoke lands in a public, append-only RFC 6962 Merkle transparency log, Ed25519-signed and anchored to Bitcoin via OpenTimestamps — an auditable, non-repudiable trail for NERC, the CRA and your insurer. Honest status: tamper-evident today; independent witnessing is the next step.

A vendor built to outlast the question

Real routable address space (AS219419), run by people who ran the internet's regional address registry and operated one of its root DNS servers. Keyless to prove, one call to adopt — run whisper verify --trustless today with no account, then POC → pilot → enterprise.

"Will you still be here in five years — and does adopting you touch my firmware or my uptime?"

Real address space, your tenant, zero firmware change. AS219419 and founders who operated core internet registries and DNS aren't a burn-rate story. The graph and logs run on-prem or in your own tenant, the identity plane fails open so our uptime never gates an asset, and the identity is derived from the key the asset already holds — no re-flashing a brownfield fleet. Every mint and revoke is in the Bitcoin-anchored transparency log, and the trustless verify path lets you audit the core claim without trusting us at all. Additive also means low switching cost in both directions — the safest way to start.

Keep your stack. Close the two seams.

Whisper is the attribution and identity layer that sits on top of the OT visibility and SOC you already run — additive, mapped to your standards, flat to price, and it makes the MUD your devices already declare enforceable. Keyless to try, one call to provision, one more to revoke.

Or run whisper verify --trustless right now — our API isn't in the trust path.