Free Tool Helps Industrial Organizations Find OPC UA Vulnerabilities

November 7, 2023 at 10:03AM

OpalOPC is a free tool developed by Molemmat Oy to help industrial organizations identify misconfigurations and vulnerabilities in their OPC UA applications. The tool is recommended for developers, auditors, security testers, and engineers, and offers a graphical user interface and a command-line interface. It is available for both Windows and Linux, with a fee for organizations with annual revenue over $1 million. The tool is still in early development and will receive updates and bug fixes.

OpalOPC is a new vulnerability scanner for OPC UA applications developed by Molemmat Oy, a cybersecurity and data privacy company based in Finland. It is designed to help industrial organizations identify misconfigurations and vulnerabilities in their OPC UA systems that could be exploited in cyberattacks.

OPC UA is a machine-to-machine communication protocol widely used in industrial control systems to ensure interoperability between different types of control systems. While the protocol is beneficial for organizations, it also presents security risks.

The tool offers both a graphical user interface and a command-line interface and is recommended for developers, auditors, security testers, engineers, and system integrators. It is available for both Windows and Linux platforms.

For non-profit projects and organizations with annual revenue below $1 million, OpalOPC is free to use. However, organizations with revenue exceeding $1 million are required to pay for the tool. The pricing options include a monthly license for €239 ($255) and a yearly license for €2,388 ($2,550), both for a single installation.

OpalOPC is still in early development, and the creator plans to add new checks and features in the future. Users should also be aware that it may contain bugs that need to be addressed.

To assist users in testing OpalOPC, an OPC UA server intentionally configured with insecure settings has been set up.
