Passive ICS Intelligence

Qualified vulnerability leads.
Without the guesswork.

Sentinel OT delivers firmware-validated intelligence packages for OT professionals — confirmed operators, validated CVEs, and decision-maker contacts. Ready for your sales team.

100% passive sources · No active scanning · Ever.

TX-2026-001
Verified Lead
Operator Paul Gas Co. — Midland Operations
Location Midland, TX 79701
Industry Oil & Gas — Midstream Operations
Equipment Inventory
MicroLogix 1400 C/21.02 29 CVEs
MicroLogix 1400 C/21.06 29 CVEs
MicroLogix 1400 B/21.05 38 CVEs
+ 3 more devices
Est. Scope $1.5M — $2.5M
Decision Maker Identified
95% Confidence
Firmware Validated

Every lead is a qualified
intelligence package

We don't hand you a list of IP addresses. Every lead is a researched, validated, ready-to-pitch memo with everything your sales team needs.

Firmware-Validated CVEs

Every CVE is confirmed against the exact device model and firmware version. No keyword-match false positives. We check NVD version ranges and flag what's patched vs. unpatched.

CVE Validation Engine
CVE-2024-3493 CompactLogix 5380 ✕ Wrong model
CVE-2018-17924 MicroLogix 1400 ✓ Confirmed
CVE-2020-6998 MicroLogix 1400 ↑ Patched
CVE-2019-10952 MicroLogix 1400 ✓ Confirmed
47 → 29 validated

Confirmed Operators

Multi-signal attribution using property records, EPA facility data, state regulatory databases, and professional network research. We identify who owns the devices and confirm it independently.

Multi-Signal Attribution
🏛 EPA ECHO Database
📄 Property Records
State Regulatory Filings
👤 LinkedIn Research
Paul Gas Co. 95%

Decision-Maker Contacts

OT Manager, Controls Engineer, Plant Manager — we find the person who signs the PO. Name, title, and company verified through public sources and professional networks.

Decision Maker Identified
JS

John Smith

VP of Operations

Company Paul Gas Co.
Authority Capital Projects & SCADA Budget
Approach Compliance + modernization ROI
Verified LinkedIn + public directory

Full Project Scope

Every lead includes a realistic cost estimate broken down by hardware, engineering, installation, and software. Your sales team walks in with a number — not a guess.

Project Scope Estimate
Hardware — PLCs, RTUs, HMIs, network $680K — $820K
Engineering — design, programming, cyber $750K — $950K
Installation — field, commissioning, cutover $420K — $520K
Software — SCADA licensing, historian, OT security $180K — $260K
PM — documentation, compliance, training $120K — $180K
Estimated Total $2.15M — $2.73M

Risk Assessment

Every lead comes with a clear risk profile so your sales team can prioritize the hottest opportunities. We score based on real factors — not scare tactics.

Risk Assessment
High Priority
8.7 / 10
Internet-exposed PLCs 6 devices
Unpatched critical CVEs 29 confirmed
End-of-life firmware All devices
Network segmentation None detected
Action Immediate

How we build a lead

Five steps from raw signal to ready-to-pitch intelligence. All passive. All verified.

1

Passive Discovery

Proprietary passive reconnaissance to identify exposed ICS devices. No active scanning.

2

CVE Validation

Each firmware version matched against NVD data with version-range checking.

3

Operator Attribution

Cross-reference GPS, property records, EPA databases, and state filings.

4

Contact Research

LinkedIn and public directory research to identify the decision maker.

5

Intelligence Package

Branded PDF memo with full inventory, CVEs, risk assessment, and contacts.

Your reputation is on the lead.

Traditional Lead Gen
Trade shows — $10-50K per event, hope the right person walks by
Word of mouth — unpredictable, unscalable, slow
RFP responses — competing on price against 5 other integrators
Vendor partner leads — shared with every other integrator
Waiting for equipment to fail — reactive, not proactive
Sentinel OT
Firmware-validated CVEs — false positives removed
Confirmed operators via multi-signal attribution
Decision-maker contacts verified through public sources
100% passive intelligence — no scanning, ever
Ready-to-pitch PDF memos with full project scope estimates

Leads your sales team can close

Confirmed operator. Validated vulnerabilities. Decision-maker contact. Every lead is a ready-to-pitch package — not raw data your team has to research.

System Integrators

Migration project leads

🛡

OT Cybersecurity

Monitoring platform leads

🔍

Security Assessors

Assessment engagement leads

📦

Hardware Distributors

Equipment replacement leads

📡

Managed Security

OT monitoring contracts

100%
Passive sources only
100+
Passive scans performed
0%
False positives in our reports

See a real lead.

Request a free sample vulnerability memo — a real lead with validated CVEs, confirmed operator, and decision-maker contact.

Request a Sample Lead