Our Platform2026-04-03T10:48:41+02:00
Loading...

Seclab Xcore Platform,
for Defense in Depth in OT

Seclab Xcore Platform supports each organization in its OT cyber maturity journey at its own pace, with non-intrusive solutions that stand the test of time and do not burden operational teams.

The platform combines comprehensive visibility of OT assets, electronic isolation of critical perimeters, and continuous AI-enhanced attack detection.

Are these challenges familiar to you ?

You don’t have a precise understanding of what exists in your OT network: incomplete inventories, undocumented flows, and shadow assets.

You cannot protect everything at the same level: unmanageable complexity, uncontrolled costs, and overwhelmed field teams.

Available solutions are not designed for OT: too intrusive and too heavy. Very quickly, they end up becoming ineffective and misused.

To address them, adopt a progressive, step-by-step approach designed for the realities of OT and critical environments, with Seclab Xcore Platform.

OT CYBERSECURITY: THE ALL-OR-NOTHING TRAP

Most OT cybersecurity approaches impose a monolithic deployment:

• full solution purchase from the outset,

• probes deployed across the entire perimeter from day one,

• ongoing maintenance workload incompatible with OT team constraints.

This “all-or-nothing” model slows adoption, increases initial costs, and creates an operational burden that industrial teams cannot absorb.

Moreover, deploying protections without first having a clear understanding of what needs to be secured is a guaranteed failure.

>> IT solutions transposed to OT make the problem worse:

  • intrusive components on fragile equipment,
  • additional maintenance operations,
  • massive false positives,
  • IT-oriented alerts that lack a business-focused approach.

For True Defense in Depth that Genuinely Respects OT-Specific Constraints

Seclab offers a radically different approach with the Seclab Xcore Platform: a maturity-level-based methodology, protection focused on what truly matters, and solutions designed to operate in industrial environments.

This approach is based on two realities:

  • Industrial organizations all have different levels of cyber maturity.
  • Not all assets need to be protected at the same level.
OT Defense in Depth Approach with Seclab Xcore Platform

8 progressive milestones, structured into three phases.

Each phase (Discover, Isolate, Detect) lays the foundation for the next and corresponds to a software or hardware solution.

The approach incorporates the concept of MVDI (Minimum Viable Digital Industry), a perimeter that includes only the critical assets required for the continuity of business operations.

>> Discover to clearly identify critical assets connected to the network or using USB ports (MVDI).

>> Isolate to protect this MVDI with maximum security so that a security incident cannot bring down the business.

>> Detect to ensure continuous monitoring of the infrastructure, especially in non-isolated areas, thereby reducing analysis workload and false positives.

Even in the event of an attack, what matters most is preserved and everything can be restarted.

Icône présentant une menace bloquée grâce à la défense en profondeur OT

More than Detection

The only OT cybersecurity platform to offer asset protection through electronic isolation. Structural immunity to zero-day exploits by physical design, without reliance on signature updates.

Deployment Success

Automatic, multi-view mapping of OT assets and flows, including forgotten or unknown equipment, to build a solid foundation before deploying any protection solution.
Icône représentant la cartographie multi-vues
Icône représentant une démarche de défense en profondeur OT progressive

Security at your Own Pace

A progressive cybersecurity journey where each step delivers immediate value without operational disruption. This facilitates the deployment of defense in depth.

Low Impact on Production

Non-intrusive and compatible with legacy equipment, the platform and its products are designed to meet OT operational constraints.
Icône représentant des rouages pour évoquer une production maîtrisée
Icône représentant la conformité réglementaire

Regulatory Compliance

Asset inventory, flow matrix, isolation of critical systems, infrastructure monitoring, and attack detection: each phase generates the evidence expected by regulators, insurers, and boards of directors.

Technological Sovereignty

A French solution developed and maintained in France, with 100% European capital, full control over code, product manufacturing, data, and roadmap.

Icône représentant un process industriel maîtrisé, pour évoquer une segmentation réseau OT souveraine

Deploy defense in depth across your OT networks today

The Products of the Xcore Platform

Image illustrant le produit Xplore

Seclab Xplore – See-First Intelligence

Seclab Xplore provides non-intrusive visibility and detection of attacks or anomalies across your OT infrastructure. With its multiple role-specific views, IT and OT teams can finally collaborate on a shared mapping. Seclab Xplore supports both ad-hoc audits and continuous monitoring.

Learn more on Seclab Xplore

Image illustrant le produit Xchange

Seclab Xchange — Set-and-Forget Security

Seclab Xchange physically isolates critical OT assets from the rest of the network using patented Electronic AirGap technology. Seclab Xchange requires no maintenance operations or updates to maintain its security level.

Learn more on Seclab Xchange

Image illustrant le produit Xport

Seclab Xport — Plug-and-Protect Technology

In OT environments, many assets are maintained via USB media, a common infection vector. Seclab Xport filters each file transfer before it reaches the target system. Simply plug it in, and the USB port is protected against physical attacks.

Learn more on Seclab Xport

Frequently Asked Questions

What is Seclab Xcore Platform, and how does it differ from other OT cybersecurity solutions?2026-04-01T16:39:49+02:00

Seclab XCore Platform is the first European OT cybersecurity platform covering the full spectrum of defense in depth for OT environments. It combines visibility, physical isolation, and USB protection within an 8-milestone progressive approach—where competing platforms generally focus only on detection.

Three complementary products, one unified platform

Product
Function
Key Technology
Seclab Xplore Visibility and Detection
Passive sensors, 4 detection engines (mapping, Sigma, Suricata, behavioral)
Seclab Xchange Network Physical Isolation
Patented Electronic Air Gap, protocol break, CSPN ANSSI certified
Seclab Xport USB Port Protection USB physical isolation, access control via cryptographic signature

 

What sets Seclab apart from competing platforms

The distinction is twofold. First, Seclab integrates a layer of physical protection through patented Electronic Air Gap: where competitors detect attacks, Seclab structurally blocks them by removing network connectivity to critical assets. Second, the platform follows a graduated philosophy via the OT Maturity Response Model—8 progressive milestones that guide each organization from its actual maturity level, concentrating maximum protection on the MVDI perimeter (the truly vital assets).

Key takeaway — Seclab XCore Platform is the only European OT cybersecurity platform that combines detection (Xplore), network physical isolation (Xchange), and USB protection (Xport). Its 8-milestone progressive approach supports organizations without imposing a monolithic deployment.

What is MVDI, and why is it a central concept in Seclab’s approach?2026-04-01T16:37:19+02:00

MVDI (Minimum Viable Digital Industry) defines the perimeter containing only the digital assets vital for business continuity. It is the central concept of Seclab’s approach: to concentrate maximum physical protection on assets whose failure would have a critical impact on production.

Why protecting everything at the same level is a dead end

Applying maximum protection across the entire OT estate creates unmanageable complexity, uncontrolled costs, and operational constraints that can themselves threaten availability. Seclab’s approach takes the opposite path: during the DISCOVER phase, assets whose failure would be critical are identified, and physical protection via Electronic Air Gap is concentrated on this focused perimeter.

Three concrete advantages of MVDI

  • Maximum efficiency: protection resources are focused on real risk, not scattered across secondary assets.
  • Controlled cost and complexity: the protected perimeter is limited, reducing the number of devices to deploy and maintain.
  • Structural guarantee: MVDI assets cannot be compromised via the network, by physical design—not by statistical probability. It is deterministic, not probabilistic protection.

Key takeawayMVDI concentrates maximum physical protection on only the assets vital to production. Result: structural assurance for what matters, controlled costs, and reduced complexity compared to an “everything-protect” approach.

How are Seclab solutions adapted to the specific constraints of OT?2026-04-01T16:37:19+02:00

OT environments have constraints that are radically different from IT: 15–25 year equipment lifecycles, inability to patch many devices, absolute priority on availability, teams not scaled for intensive security workloads, and industrial protocols that IT solutions do not understand. Seclab designs its technologies for these realities.

Technologies born in the most demanding environments

Since 2011, Seclab has been developing its solutions in the most constrained industrial sectors—civil nuclear, rail transport, and space—where even the slightest interruption is unacceptable and certifications are extremely strict. This heritage is reflected in every product of the XCore platform.

Each product addresses a specific OT constraint

OT Constraint Seclab Response
Inability to patch / Legacy systems
Xchange protects without agents, without architecture modifications, and requires minimal updates (average 1/year vs. 1–10/month for an OT firewall)
Absolute process availability
Xplore discovers in a non-intrusive mode, with zero operational impact
Locked host systems (Windows XP, proprietary OS)
Xport operates Plug & Play, no installation required on the host
OT teams not sized for cybersecurity
 5 Xplore mapping views tailored to each role (CISO, automation engineer, plant manager), with intelligent alert routing
Specific industrial protocols
Native understanding of Modbus, S7, BACnet, DNP3, Triconex, etc.
Key takeaway — Seclab conçoit ses solutions pour l’OT depuis 2011, dans les secteurs les plus exigeants (nucléaire, ferroviaire, spatial). Zéro agent, zéro modification d’architecture, zéro dépendance aux mises à jour : la sécurité ne se dégrade pas avec le temps.
How does Seclab XCore Platform ensure compliance with NIS2 and IEC 62443?2026-04-01T16:39:19+02:00

Seclab XCore Platform directly addresses the requirements of NIS 2, IEC 62443, and LPM: asset inventory, network segmentation at SL-3 to SL-4 levels, incident detection, and full traceability for audits.

Mapping of regulatory requirements to Seclab capabilities

Requirement
Standard
Seclab XCore Response
Critical Asset Inventory NIS 2 Non-intrusive Discovery Xplore: comprehensive inventory, current, exportable and auditable
Network Segmentation NIS 2 + IEC 62443 Physical Isolation Xchange: SL-3 to SL-4 compliance, verification via Purdue Model view
Incident Detection and Management NIS 2 4 detection engines Xplore, contextualized alerts, forensic analysis
Removable Media Control IEC 62443 USB Physical Isolation Xport, control via cryptographic signature
Traceability and Auditability NIS 2 + IEC 62443 + LPM Packet archiving, exportable evidence for NIS 2 / IEC 62443 / LPM reporting

 

Real-time IEC 62443 segmentation verification

Xplore’s Purdue view instantly checks compliance with ISA-95 inter-level segmentation. The flow matrix ensures that only authorized business flows pass between zones, in accordance with the principle of least privilege. Deviations between theoretical and observed segmentation are identified, and corrective actions are prioritized based on impact.

Key takeaway — Seclab XCore meets NIS 2 requirements (inventory, segmentation, detection, traceability), IEC 62443 (SL-3/SL-4 zones and conduits, least privilege), and LPM. All information is easily exportable for inclusion in audit reports.

How does Seclab XCore Platform facilitate collaboration between IT and OT teams?2026-04-01T16:37:19+02:00

Seclab XCore acts as a bridge between the IT and OT worlds. Five mapping views, Zero-Trust IT/OT administration, intelligent alert routing, and native interoperability with existing tools allow teams to collaborate on shared data, each in their familiar representation.

The IT/OT gap: a structural barrier to cybersecurity

IT and OT teams have radically different priorities, tools, vocabularies, and technology lifecycles (3–5 years in IT vs. 15–25 years in OT). IT security policies cannot be directly applied to industrial environments, and IT solutions generate alerts that OT operators may struggle to interpret.

Four mechanisms to bridge IT and OT

  • Multi-view mapping: network, Purdue, logical, business, geographic—each role (IT network engineer, OT automation engineer, CISO, plant manager) works in their familiar view on shared data.
  • Zero-Trust administration in Xchange: dual IT/OT access control formalizes co-responsibility. OT teams retain control overflows entering their perimeter.
  • Intelligent alert routing: each signal is directed to the right person; in a language they understand.
  • Native interoperability: integration with existing firewalls, SIEM, SOC, bastions, and CMDB—no additional silo.

Key takeawayXCore bridges the IT/OT gap through four mechanisms: multi-view mapping per role, Zero-Trust administration formalizing co-responsibility, intelligent alert routing, and native interoperability with existing IT tools.

How to effectively protect OT infrastructures?2026-04-01T16:37:19+02:00

Protecting an OT infrastructure relies on three steps: see, isolate, monitor. This progressive approach, supported by solutions designed specifically for OT, allows organizations to increase cyber maturity without compromising operational availability. In OT, detecting is not enough—you must structurally block threats before an attack spreads.

Why IT solutions don’t work in OT

IT cybersecurity tools (antivirus, EDR, next-gen firewalls) are not suited to industrial constraints: frequent updates incompatible with maintenance cycles, false positives that can trigger production shutdowns, and an unmanageable volume of alerts for often limited teams. Against an OT ransomware attack or a targeted attack on a PLC, the delay between detection and response can be enough to cause production stoppages or industrial accidents.

Step 1 — Map assets and flows (visibility)

You can only protect what you know. Seclab Xplore passively maps connected assets, network flows, and vulnerabilities without ever interacting with the equipment. This continuously updated inventory forms the foundation of any OT cybersecurity strategy.

Step 2 — Isolate what is critical (protection)

Once critical assets are identified (the MVDI), network physical isolation via Xchange removes any direct connectivity between critical assets and risky zones. USB isolation via Xport closes the second major attack vector in OT environments. This step is decisive: it structurally blocks attack propagation even before detection occurs.

Step 3 — Continuously detect deviations (monitoring)

In OT, network changes are less frequent than in IT. The most effective approach is to detect deviations—new flows, new devices, behavior changes—rather than identifying each threat individually. This method produces fewer false positives and is suited to OT teams. Pre-isolating critical assets reduces the monitoring surface and the volume of alerts to manage.

The Seclab XCore Platform integrates these three steps: Xplore (discovery and detection), Xchange (network isolation), Xport (USB protection).

Key takeawayProtecting an OT infrastructure: see (Xplore), isolate the critical (Xchange + Xport), then monitor deviations (Xplore). In OT, isolation must precede detection—detecting without blocking is simply chasing the attack.

Solutions

Partners

Resources

Contact

Head office
205 impasse John Locke
34470 Perols
France

Paris offices
Liberty Tower
17 place des reflets
92400 Courbevoie
France

Atelier 42

© Seclab. 2026

Head office
205 impasse John Locke
34470 Perols
France

Paris offices
Liberty Tower
17 place des reflets
92400 Courbevoie

Head office
205 impasse John Locke
34470 Perols
France

Paris offices
Liberty Tower
17 place des reflets
92400 Courbevoie

Atelier 42

© Seclab. 2026

Go to Top