NetWitness and DeepInspect Forge Alliance to Defend Critical Infrastructure

SAN FRANCISCO, CA – March 23, 2026 – In a strategic move to address the escalating cyber threats against critical infrastructure, threat detection leader NetWitness has announced a technology partnership with DeepInspect, a specialist in operational technology (OT) security. The collaboration integrates DeepInspect’s industrial monitoring capabilities directly into the NetWitness platform, creating a unified defense system for the increasingly interconnected worlds of enterprise IT and industrial OT.

This partnership arrives at a critical juncture. As industrial sectors from manufacturing and energy to transportation digitize their operations, the once-solid barrier between corporate networks (IT) and the systems controlling physical processes (OT) has all but vanished. While this convergence drives efficiency, it also exposes vital machinery and control systems—power grids, water treatment facilities, and railway networks—to the same cyber threats that have long plagued the IT world. Recent studies underscore the urgency, with one report indicating that 73% of industrial organizations have experienced an intrusion affecting their OT systems, highlighting a vulnerability that threat actors are keen to exploit.

The Blurring Line and the Widening Threat

The security gap created by IT/OT convergence is no longer a theoretical problem. High-profile incidents like the 2021 Colonial Pipeline shutdown, which was triggered by a ransomware attack on its IT systems but crippled its OT-managed fuel distribution, serve as stark reminders of the potential for cascading failures. Attackers are increasingly sophisticated, leveraging vulnerabilities in legacy OT equipment that was never designed for an internet-connected world and exploiting the lack of visibility between the two domains.

The integrated solution from NetWitness and DeepInspect is designed to close this gap. By ingesting industrial protocol telemetry from DeepInspect’s technology, the NetWitness platform can now analyze OT-specific data alongside traditional IT logs, network packets, and endpoint information. This provides security teams with a single, comprehensive view of their entire digital and physical environment.

"Organizations can no longer treat IT and operational technology as separate security domains," said John Pirc (JP), Chief Product and Technology Officer at NetWitness, in the official announcement. "By extending NetWitness visibility into industrial environments, security teams gain the context they need to detect and respond to threats that span enterprise and operational networks."

This unified approach allows security operations centers (SOCs) to detect anomalous behavior, investigate suspicious activity, and conduct forensic analysis across the full attack surface. For example, an analyst could trace an initial phishing attack on a corporate email account (IT) as it moves laterally to compromise a control system engineer’s workstation and then attempts to issue unauthorized commands to a programmable logic controller (PLC) on the factory floor (OT). Without a consolidated view, such a multi-stage attack could easily go undetected until it causes physical disruption.

A Strategic Play in a High-Stakes Market

The move positions NetWitness to compete more directly in the specialized but rapidly growing market for industrial cybersecurity. The space is currently led by established OT security specialists like Dragos, Claroty, and Nozomi Networks, which have built their reputations on deep expertise in industrial control systems (ICS). Broader cybersecurity giants like Palo Alto Networks and Microsoft have also entered the fray, extending their enterprise platforms into the OT realm.

NetWitness’s partnership strategy with DeepInspect represents a powerful alternative to building a solution from scratch or acquiring a company outright. It combines NetWitness's established strength in enterprise-grade threat detection and response with DeepInspect’s specialized, “military-grade” insights into the unique protocols and behaviors of industrial environments. This collaboration aims to provide the best of both worlds: a comprehensive, unified platform that doesn't sacrifice the nuanced expertise required to protect sensitive OT assets.

DeepInspect brings proven field experience to the table, with its technology already deployed in critical infrastructure, including a major railway operator. "We are proud to launch our innovative solution to a global stage with NetWitness," stated Marco Lombardi, CEO of DeepInspect. He noted the integrated solution has "already proven its value in real-world deployments, meeting critical market demands and securing key industrial infrastructures."

Beyond Compliance to Operational Resilience

The partnership also helps organizations navigate a complex and tightening regulatory landscape. Frameworks like the NIST Cybersecurity Framework, Europe's NIS2 Directive, and sector-specific mandates such as NERC-CIP for the energy sector all increasingly demand robust security measures for OT systems. The NetWitness-DeepInspect solution directly maps its capabilities to the five core functions of the NIST framework: Identify, Protect, Detect, Respond, and Recover.

However, the goal extends beyond simply checking a compliance box. By providing real-time, unified visibility and consolidating alerts into a single platform, the solution aims to enhance what experts call operational resilience—the ability to not only prevent attacks but also to withstand and quickly recover from them with minimal disruption to essential services. This proactive posture is vital for national security and economic stability.

By simplifying SOC workflows and reducing the complexity of managing disparate security tools, the integrated platform empowers analysts to respond more swiftly and effectively to incidents. This speed is crucial when an attack could potentially disrupt power, halt manufacturing, or compromise public safety.

As industrial infrastructure becomes an ever-more-attractive target for state-sponsored actors and cybercriminals, the need for holistic security solutions that see the entire picture has never been greater. The alliance between NetWitness and DeepInspect is a clear signal that the cybersecurity industry is moving to erase the outdated divisions between IT and OT, building the integrated defenses necessary to protect the backbone of modern society.