# OT Security Posture Scorecard 🏭🔒
Assess the security posture of Operational Technology (OT), Industrial Control Systems (ICS), and SCADA environments. Returns a detailed scorecard with risk ratings, gap analysis, and prioritized remediation steps aligned to IEC 62443 and NIST CSF frameworks.
Built by a CISSP/CISM certified security professional at ToolWeb.in
## When to Use
- User asks to assess OT, ICS, or SCADA security posture
- User wants to evaluate industrial control system risks
- User needs OT-IT convergence security analysis
- User asks about IEC 62443 or NIST CSF compliance for OT environments
- User mentions critical infrastructure security assessment
- User wants a security scorecard for manufacturing, energy, water, or utility systems
## Prerequisites
- `TOOLWEB_API_KEY` — get your API key from portal.toolweb.in
- `curl` must be available on the system

## API Endpoint
```
POST https://portal.toolweb.in:8443/security/itotassessor
```
## Workflow
1. Gather inputs from the user. Ask for the following:

   Required fields:
   - `org_name` — Name of the organization (e.g., "Acme Manufacturing Corp")
   - `sector` — Industry sector (e.g., "Manufacturing", "Energy", "Water Treatment", "Oil & Gas", "Pharmaceuticals", "Transportation", "Mining")
   - `ot_size` — Size of the OT environment (e.g., "Small", "Medium", "Large", "Enterprise")
   - `integration_level` — Level of IT/OT integration (e.g., "Minimal", "Partial", "Full", "Air-Gapped")
   - `csf_scores` — NIST CSF self-assessment scores (each 1-5). Ask the user to rate their maturity in each area:
     - `identify` — Asset management, risk assessment (1=none, 5=optimized)
     - `protect` — Access control, security training, data protection (1=none, 5=optimized)
     - `detect` — Monitoring, detection processes (1=none, 5=optimized)
     - `respond` — Incident response planning and execution (1=none, 5=optimized)
     - `recover` — Recovery planning and improvements (1=none, 5=optimized)

   Optional fields (use if the user provides them):
   - `ot_technologies` — List of OT technologies in use (e.g., ["SCADA", "PLC", "HMI", "DCS", "RTU"])
   - `it_tools` — List of IT security tools in use (e.g., ["Firewall", "SIEM", "IDS", "EDR"])
   - `threat_concern` — Primary threat concerns (e.g., "Ransomware targeting OT networks")
   - `compliance` — Target compliance framework (e.g., "IEC 62443", "NIST CSF", "NERC CIP")
   - `known_gaps` — Known security gaps (e.g., "No OT network monitoring, shared credentials on PLCs")
   - `team_maturity` — Security team maturity level (e.g., "No dedicated OT security team")
   - `assessment_depth` — Level of detail: "standard" (default) or "detailed"
2. Call the API with the gathered parameters:

   ```bash
   curl -s -X POST "https://portal.toolweb.in:8443/security/itotassessor" \
     -H "Content-Type: application/json" \
     -H "X-API-Key: $TOOLWEB_API_KEY" \
     -d '{
       "org_name": "<org name>",
       "sector": "<sector>",
       "ot_size": "<size>",
       "integration_level": "<level>",
       "ot_technologies": ["<tech>", "<tech>"],
       "it_tools": ["<tool>", "<tool>"],
       "csf_scores": {
         "identify": <1-5>,
         "protect": <1-5>,
         "detect": <1-5>,
         "respond": <1-5>,
         "recover": <1-5>
       },
       "threat_concern": "<concern>",
       "compliance": "<framework>"
     }'
   ```
3. Parse the response. The API returns a JSON object with:
   - `status` — "success" or an error status
   - `report` — Full markdown report containing the executive summary, NIST CSF function analysis, top 5 priority risks, technology stack assessment, and step-by-step remediation roadmap
   - `overall_score` — Numeric score (0-100)
   - `csf_avg` — Average CSF score across all 5 functions
   - `risk_level` — Risk rating ("Critical", "High", "Medium", "Low")
   - `org_name` — Organization name echoed back
4. Present results to the user in a clear, structured format:
   - Lead with the overall score and risk level
   - Show the executive summary from the report
   - Highlight the top 5 priority risks
   - Present the remediation roadmap phases
   - Offer to dive deeper into any specific section
## Output Format
Present the scorecard as follows:

```
🏭 OT/IT Convergence Security Assessment
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Organization: [org_name]
Sector: [sector]
Overall Score: [overall_score]/100 — [risk_level]
CSF Average: [csf_avg]/5.0

[Extract and present the key sections from the report field:]
- Executive Summary
- Top 5 Priority Risks (with severity)
- Phase 1 Quick Wins (0-30 days)
- Recommended Technology Additions

📎 Full detailed report available — ask to see any section
```

Note: The `report` field contains a comprehensive markdown report. Present the most actionable sections first (executive summary, top risks, quick wins) and offer to show the full report or specific sections on request.
## Error Handling
- If `TOOLWEB_API_KEY` is not set: Tell the user to get an API key from https://portal.toolweb.in (plans start at ₹2,999/month or ~$36/month)
- If the API returns 401: API key is invalid or expired — direct the user to portal.toolweb.in to check their subscription
- If the API returns 429: Rate limit exceeded — wait and retry after 60 seconds
- If the API returns 500: Inform the user of a temporary service issue and suggest retrying in a few minutes
- If curl is not available: Suggest installing curl (`apt install curl` / `brew install curl`)
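The workflow's steps 2 and 3 and the error-handling rules above, put together as a small client. This is an added example, not ToolWeb's own code or part of the skill: the endpoint, `X-API-Key` header, request fields and response fields are the ones documented on this page, the 401/429/500 handling follows the rules just listed, and `fake_transport`, `FAKE_RESPONSE_TEXT` and the `transport`/`sleep` parameters are this example's own plumbing (constructed, so the flow can be exercised offline). The client validates `csf_scores` before spending a rate-limited call and cross-checks the returned `csf_avg` against the scores it sent, which catches a truncated or mis-parsed reply before a number is shown to the user.

```python
"""Client for the OT assessor endpoint described on this page (added example,
not ToolWeb's code). Endpoint, header and field names come from the page; the
status-code handling follows its Error Handling rules. fake_transport and
FAKE_RESPONSE_TEXT are constructed test plumbing for offline use."""
import json
import os
import time
import urllib.error
import urllib.request

ENDPOINT = "https://portal.toolweb.in:8443/security/itotassessor"
CSF_FUNCTIONS = ("identify", "protect", "detect", "respond", "recover")
REQUIRED = ("org_name", "sector", "ot_size", "integration_level")

# Request body from the page's Example Interaction.
EXAMPLE_PAYLOAD = {
    "org_name": "WaterCo Utilities", "sector": "Water Treatment",
    "ot_size": "Medium", "integration_level": "Partial",
    "ot_technologies": ["SCADA", "PLC", "HMI"],
    "csf_scores": {"identify": 3, "protect": 2, "detect": 2, "respond": 1, "recover": 1},
}
# Constructed reply carrying the documented fields; the numbers are invented.
FAKE_RESPONSE_TEXT = json.dumps({
    "status": "success", "org_name": "WaterCo Utilities", "overall_score": 38,
    "csf_avg": 1.8, "risk_level": "High",
    "report": "## Executive Summary\nConstructed sample report.\n",
})


def validate_payload(payload):
    """Reject malformed requests locally so a rate-limited API call is not wasted."""
    for field in REQUIRED:
        if not payload.get(field):
            raise ValueError(f"missing required field: {field}")
    scores = payload.get("csf_scores") or {}
    missing = [f for f in CSF_FUNCTIONS if f not in scores]
    if missing:
        raise ValueError("csf_scores missing: " + ", ".join(missing))
    for func, value in scores.items():
        if func not in CSF_FUNCTIONS:
            raise ValueError(f"unknown CSF function: {func}")
        if isinstance(value, bool) or not isinstance(value, int) or not 1 <= value <= 5:
            raise ValueError(f"csf_scores.{func} must be an integer 1-5, got {value!r}")
    return payload


def parse_response(text, sent_scores):
    """Extract the documented fields and cross-check csf_avg against the scores sent."""
    data = json.loads(text)
    if data.get("status") != "success":
        raise RuntimeError(f"API reported status {data.get('status')!r}")
    for key in ("report", "overall_score", "csf_avg", "risk_level", "org_name"):
        if key not in data:
            raise RuntimeError(f"response missing field: {key}")
    expected_avg = sum(sent_scores[f] for f in CSF_FUNCTIONS) / len(CSF_FUNCTIONS)
    data["csf_avg_consistent"] = abs(float(data["csf_avg"]) - expected_avg) < 0.01
    data["headline"] = f"{data['org_name']}: {data['overall_score']}/100 ({data['risk_level']})"
    return data


def urllib_transport(url, body, api_key):
    """Real HTTP transport. Returns (status_code, response_text)."""
    req = urllib.request.Request(url, data=body, method="POST", headers={
        "Content-Type": "application/json", "X-API-Key": api_key})
    try:
        with urllib.request.urlopen(req, timeout=60) as resp:
            return resp.status, resp.read().decode("utf-8")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def fake_transport(replies):
    """Offline transport: hands out the given (status, text) pairs in order."""
    queue = list(replies)
    return lambda url, body, api_key: queue.pop(0)


def call_assessor(payload, api_key, transport=urllib_transport, sleep=time.sleep):
    """POST the assessment and apply the page's handling for 401, 429 and 500."""
    if not api_key:
        raise RuntimeError("TOOLWEB_API_KEY is not set; get a key at https://portal.toolweb.in")
    body = json.dumps(validate_payload(payload)).encode("utf-8")
    for attempt in (1, 2):
        status, text = transport(ENDPOINT, body, api_key)
        if status == 200:
            return parse_response(text, payload["csf_scores"])
        if status == 401:
            raise RuntimeError("API key invalid or expired; check the subscription at portal.toolweb.in")
        if status == 429 and attempt == 1:
            sleep(60)  # rate limited: wait 60 seconds, then retry once
            continue
        if status == 429:
            raise RuntimeError("rate limit still exceeded after one retry")
        if status >= 500:
            raise RuntimeError("temporary service issue; retry in a few minutes")
        raise RuntimeError(f"unexpected HTTP {status}: {text[:200]}")


if __name__ == "__main__":
    key = os.environ.get("TOOLWEB_API_KEY")
    # Without a key, run the same flow against the constructed reply.
    transport = urllib_transport if key else fake_transport([(200, FAKE_RESPONSE_TEXT)])
    result = call_assessor(EXAMPLE_PAYLOAD, key or "offline-demo-key", transport=transport)
    print(result["headline"], "| csf_avg consistent:", result["csf_avg_consistent"])
```

Run it with `TOOLWEB_API_KEY` exported to hit the real endpoint, or without it to walk the flow against the constructed reply. The injected `sleep` exists so the 60-second back-off on 429 can be asserted without actually waiting.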
## Example Interaction
User: "Assess the security of our water treatment plant's SCADA system"

Agent flow:
1. Ask: "I'll need a few details to run the assessment:
   - What's your organization name?
   - How large is your OT environment? (Small/Medium/Large)
   - How integrated are your IT and OT networks? (Minimal/Partial/Full)
   - Can you rate your maturity (1-5) in these areas: Identify, Protect, Detect, Respond, Recover?"
2. User responds: "WaterCo Utilities, medium size, partial integration. Identify: 3, Protect: 2, Detect: 2, Respond: 1, Recover: 1"
3. Call the API:

   ```bash
   curl -s -X POST "https://portal.toolweb.in:8443/security/itotassessor" \
     -H "Content-Type: application/json" \
     -H "X-API-Key: $TOOLWEB_API_KEY" \
     -d '{
       "org_name": "WaterCo Utilities",
       "sector": "Water Treatment",
       "ot_size": "Medium",
       "integration_level": "Partial",
       "ot_technologies": ["SCADA", "PLC", "HMI"],
       "csf_scores": {"identify":3,"protect":2,"detect":2,"respond":1,"recover":1}
     }'
   ```
4. Present the scorecard: overall score, risk level, executive summary, top risks, and quick wins
## Pricing
- API access via portal.toolweb.in subscription plans
- Free trial: 10 API calls/day, 50 API calls/month to test the skill
- Developer: $39/month — 20 calls/day and 500 calls/month
- Professional: $99/month — 200 calls/day, 5000 calls/month
- Enterprise: $299/month — 100K calls/day, 1M calls/month
## About
Created by ToolWeb.in — a security-focused MicroSaaS platform with 200+ security APIs, built by a CISSP & CISM certified professional. Trusted by security teams in the USA, UK, and Europe. Execution platforms include "Pay-per-run", "API Gateway", "MCP Server", "OpenClaw" and "RapidAPI", with a YouTube channel for demos.
- 🌐 Toolweb Platform: https://toolweb.in
- 🔌 API Hub (Kong): https://portal.toolweb.in
- 🎡 MCP Server: https://hub.toolweb.in
- 🦞 OpenClaw Skills: https://toolweb.in/openclaw/
- 🛒 RapidAPI: https://rapidapi.com/user/mkrishna477
- 📺 YouTube demos: https://youtube.com/@toolweb-009
## Tips
- For the most actionable results, provide detailed descriptions of your OT environment
- Run assessments quarterly to track improvement over time
- Use the compliance mapping output directly for audit preparation
- Combine with the IT Risk Assessment Tool skill for a holistic IT+OT security view
# OT Security Posture Scorecard 🏭🔒
Assess the security posture of Operational Technology (OT), Industrial Control Systems (ICS), and SCADA environments. Returns a detailed scorecard with risk ratings, gap analysis, and prioritized remediation steps aligned to the IEC 62443 and NIST CSF frameworks.
Built by a CISSP/CISM certified security professional at ToolWeb.in

## When to Use
- User asks to assess OT, ICS, or SCADA security posture
- User wants to evaluate industrial control system risks
- User needs OT-IT convergence security analysis
- User asks about IEC 62443 or NIST CSF compliance for OT environments
- User mentions critical infrastructure security assessment
- User wants a security scorecard for manufacturing, energy, water, or utility systems
## Prerequisites
- `TOOLWEB_API_KEY` — get your API key from portal.toolweb.in
- `curl` must be available on the system

## API Endpoint
```
POST https://portal.toolweb.in:8443/security/itotassessor
```
## Workflow
1. Gather inputs from the user. Ask for the following:

   Required fields:
   - `org_name` — Name of the organization (e.g., "Acme Manufacturing Corp")
   - `sector` — Industry sector (e.g., "Manufacturing", "Energy", "Water Treatment", "Oil & Gas", "Pharmaceuticals", "Transportation", "Mining")
   - `ot_size` — Size of the OT environment (e.g., "Small", "Medium", "Large", "Enterprise")
   - `integration_level` — Level of IT/OT integration (e.g., "Minimal", "Partial", "Full", "Air-Gapped")
   - `csf_scores` — NIST CSF self-assessment scores (each 1-5). Ask the user to rate their maturity in each area:
     - `identify` — Asset management, risk assessment (1=none, 5=optimized)
     - `protect` — Access control, security training, data protection (1=none, 5=optimized)
     - `detect` — Monitoring, detection processes (1=none, 5=optimized)
     - `respond` — Incident response planning and execution (1=none, 5=optimized)
     - `recover` — Recovery planning and improvements (1=none, 5=optimized)

   Optional fields (use if the user provides them):
   - `ot_technologies` — List of OT technologies in use (e.g., ["SCADA", "PLC", "HMI", "DCS", "RTU"])
   - `it_tools` — List of IT security tools in use (e.g., ["Firewall", "SIEM", "IDS", "EDR"])
   - `threat_concern` — Primary threat concerns (e.g., "Ransomware targeting OT networks")
   - `compliance` — Target compliance framework (e.g., "IEC 62443", "NIST CSF", "NERC CIP")
   - `known_gaps` — Known security gaps (e.g., "No OT network monitoring, shared credentials on PLCs")
   - `team_maturity` — Security team maturity level (e.g., "No dedicated OT security team")
   - `assessment_depth` — Level of detail: "standard" (default) or "detailed"
2. Call the API with the gathered parameters:

   ```bash
   curl -s -X POST "https://portal.toolweb.in:8443/security/itotassessor" \
     -H "Content-Type: application/json" \
     -H "X-API-Key: $TOOLWEB_API_KEY" \
     -d '{
       "org_name": "<org name>",
       "sector": "<sector>",
       "ot_size": "<size>",
       "integration_level": "<level>",
       "ot_technologies": ["<tech>", "<tech>"],
       "it_tools": ["<tool>", "<tool>"],
       "csf_scores": {
         "identify": <1-5>,
         "protect": <1-5>,
         "detect": <1-5>,
         "respond": <1-5>,
         "recover": <1-5>
       },
       "threat_concern": "<concern>",
       "compliance": "<framework>"
     }'
   ```
3. Parse the response. The API returns a JSON object with:
   - `status` — "success" or an error status
   - `report` — Full markdown report containing the executive summary, NIST CSF function analysis, top 5 priority risks, technology stack assessment, and step-by-step remediation roadmap
   - `overall_score` — Numeric score (0-100)
   - `csf_avg` — Average CSF score across all 5 functions
   - `risk_level` — Risk rating ("Critical", "High", "Medium", "Low")
   - `org_name` — Organization name echoed back
4. Present results to the user in a clear, structured format:
   - Lead with the overall score and risk level
   - Show the executive summary from the report
   - Highlight the top 5 priority risks
   - Present the remediation roadmap phases
   - Offer to dive deeper into any specific section
## Output Format
Present the scorecard as follows:

```
🏭 OT/IT Convergence Security Assessment
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Organization: [org_name]
Sector: [sector]
Overall Score: [overall_score]/100 — [risk_level]
CSF Average: [csf_avg]/5.0

[Extract and present the key sections from the report field:]
- Executive Summary
- Top 5 Priority Risks (with severity)
- Phase 1 Quick Wins (0-30 days)
- Recommended Technology Additions

📎 Full detailed report available — ask to see any section
```

Note: The `report` field contains a comprehensive markdown report. Present the most actionable sections first (executive summary, top risks, quick wins) and offer to show the full report or specific sections on request.
## Error Handling
- If `TOOLWEB_API_KEY` is not set: Tell the user to get an API key from https://portal.toolweb.in (plans start at ₹2,999/month or ~$36/month)
- If the API returns 401: API key is invalid or expired — direct the user to portal.toolweb.in to check their subscription
- If the API returns 429: Rate limit exceeded — wait and retry after 60 seconds
- If the API returns 500: Inform the user of a temporary service issue and suggest retrying in a few minutes
- If curl is not available: Suggest installing curl (`apt install curl` / `brew install curl`)
## Example Interaction
User: "Assess the security of our water treatment plant's SCADA system"

Agent flow:
1. Ask: "I'll need a few details to run the assessment:
   - What's your organization name?
   - How large is your OT environment? (Small/Medium/Large)
   - How integrated are your IT and OT networks? (Minimal/Partial/Full)
   - Can you rate your maturity (1-5) in these areas: Identify, Protect, Detect, Respond, Recover?"
2. User responds: "WaterCo Utilities, medium size, partial integration. Identify: 3, Protect: 2, Detect: 2, Respond: 1, Recover: 1"
3. Call the API:

   ```bash
   curl -s -X POST "https://portal.toolweb.in:8443/security/itotassessor" \
     -H "Content-Type: application/json" \
     -H "X-API-Key: $TOOLWEB_API_KEY" \
     -d '{
       "org_name": "WaterCo公用事业公司",
       "sector": "水处理",
       "ot_size": "中型",
       "integration_level": "部分",
       "ot_technologies": ["SCADA", "PLC", "HMI"],
       "csf_scores": {"identify":3,"protect":2,"detect":2,"respond":1,"recover":1}
     }'
   ```
4. Present the scorecard: overall score, risk level, executive summary, top risks, and quick wins
## Pricing
- API access via portal.toolweb.in subscription plans
- Free trial: 10 API calls/day, 50 API calls/month to test the skill
- Developer: $39/month — 20 calls/day, 500 calls/month
- Professional: $99/month — 200 calls/day, 5000 calls/month
- Enterprise: $299/month — 100K calls/day, 1M calls/month

## About
Created by ToolWeb.in — a security-focused MicroSaaS platform with 200+ security APIs, built by a CISSP and CISM certified professional. Trusted by security teams in the USA, UK, and Europe. Execution platforms include Pay-per-run, API Gateway, MCP Server, OpenClaw and RapidAPI, with a YouTube channel for demos.
- 🌐 Toolweb Platform: https://toolweb.in
- 🔌 API Hub (Kong): https