Free community tool now extracts richer device metadata directly from ICS traffic
February 17, 2026 /EINPresswire/ EmberOT, a provider of industrial asset and network monitoring software, today announced the release of OT PCAP Analyzer v2.0.4, a significant update to its free community tool designed to help security practitioners analyze industrial control system (ICS) packet captures with greater clarity and context.
The latest version introduces substantial improvements to asset fidelity, moving beyond static manufacturer classification to dynamically extract device intelligence directly from observed traffic. Assets identified within uploaded PCAP files can now include hostnames, firmware versions, model numbers, serial numbers, encapsulation context, and object or property identifiers when present in the data.
“Industrial defenders deserve tools that reflect how OT environments actually behave,” said Jori VanAntwerp, Founder & CEO of EmberOT. “With version 2.0.4 of the free OT PCAP Analyzer, we’ve significantly improved asset fidelity by extracting device details directly from traffic fingerprints instead of relying on static mappings. It’s the same philosophy that drives our full Ember platform: observe, extract, and contextualize what truly matters.”
What’s new in OT PCAP Analyzer v2.0.4
The improvements in v2.0.4 make the free tool even more valuable for industrial defenders and analysts:
- Richer Asset Details from PCAPs
  - Extracted hostnames, firmware, model, and serial numbers
  - Encapsulation context surfaced for clearer protocol understanding
  - Object and property identifiers included when available in traffic
- Improved Asset Discovery Logic
  - More consistent grouping of the same device across captures
  - Enhanced profiling for deeper forensic and investigative workflows
- Linux Stability Improvements
  - Resolved a crash affecting certain PCAP uploads on Linux systems
Built for the Community, and Distinct from the Full Ember Platform
OT PCAP Analyzer is a free tool created for the OT security community to assist with incident response, forensic analysis, research, and training. It is intentionally lightweight and capture-based.
EmberOT’s flagship product, the Ember, provides continuous monitoring, asset inventory, flow-based contextual detection, risk indexing, and enterprise-scale deployment across distributed industrial environments. While PCAP Analyzer operates on static capture files, Ember delivers persistent, real-time observability and threat detection.
The PCAP Analyzer reflects EmberOT’s broader design philosophy: extract meaningful metadata, reduce noise, and provide actionable insight tailored to deterministic OT environments.
Upcoming ICS Vulnerabilities Research Report
EmberOT also announced it is finalizing a comprehensive ICS Vulnerabilities Research Report, expected to publish before the end of February. The report will examine trends, patterns, and risk implications across industrial environments, offering operators and defenders practical insights for prioritization and mitigation.
Meet EmberOT in Miami
Industry professionals can meet the EmberOT team in Miami, Florida, at these upcoming conferences:
- BSides ICS on February 23, 2026 – https://www.bsidesics.org/
- S4x26 on February 23-26, 2026 – https://s4xevents.com/
Attendees are invited to schedule time at https://www.emberot.com/events/s4x26-and-bsides-ics-in-miami-fl to see the Ember platform in action, explore OT PCAP Analyzer capabilities, or discuss findings from the upcoming ICS Vulnerabilities Research Report.
Download the OT PCAP Analyzer
The updated OT PCAP Analyzer v2.0.4 is available now and can be downloaded for free at https://www.emberot.com/ot-pcap-analyzer/
Learn more about EmberOT’s full visibility and security platform, the Ember, by scheduling a demo at: https://www.emberot.com/request-a-demo
🔥 About EmberOT 🔥
EmberOT solves critical infrastructure security challenges by meeting organizations where they are today. Where predecessor solutions are hardware-dependent and cost-prohibitive, EmberOT’s software-based sensors remove those barriers and help organizations monitor and defend their environments NOW while showing them a path to the FUTURE. Combining secure by design with defense in depth, the EmberOT software provides immediate observability and detection, actionable insights, and guidance on “What should I do next?” to ensure critical infrastructure resilience and security. Learn more at https://www.emberot.com/
