Nozomi Guardian is a security sensor that performs continuous passive network monitoring for operational technology (OT) and Internet of Things (IoT) environments. The product monitors mirrored network traffic without disrupting critical processes or generating additional network traffic. The sensor provides asset discovery and inventory capabilities for ICS, OT, IoT, IT, edge, and cloud assets. It maintains an asset inventory with detailed information about communicating devices and tracks normal traffic patterns to establish baselines for anomaly detection. Guardian performs automated vulnerability assessment to identify vulnerable OT and IoT devices. The product includes dashboards, drill-down capabilities, and reports that highlight security issues and prioritize remediation efforts. The platform detects anomalous network behavior and cyber threats using threat intelligence including Yara rules, packet rules, STIX indicators, threat definitions, and vulnerability signatures. Network visualization capabilities provide views of the operational network topology for troubleshooting and incident investigation. Guardian sensors can be deployed as physical or virtual appliances and scale across networks of varying sizes and complexity. Data from sensors is sent to either the cloud-based Vantage manager or the Central Management Console for centralized risk assessment and management. The product supports OT, IoT, and IT protocols and integrates with SIEM platforms, asset management systems, ticketing systems, and identity management tools.