Security Stack Logo
Dispel Zero Trust Engine logo

Cyber-Physical Systems (CPS) Security

Dispel Zero Trust Engine

Secure remote access for OT and industrial control systems with sub-30-second connections.

OT Secure Remote Access (SRA)Zero Trust Network Access (ZTNA)Operational Technology (OT) Security

Dispel Zero Trust Engine Overview

What it does

Dispel Zero Trust Engine is a secure remote access and connectivity platform for operational technology (OT), industrial control systems (ICS), and cyber-physical systems from Dispel, founded in 2014 by Ethan Schmertzler (Co-CEO) and Ian Schmertzler (President) and headquartered in Austin, Texas with offices in New York, Washington DC, and Tokyo. The company has raised $28M in total funding, pioneered network-level Moving Target Defense (MTD) technology with 43+ patents, and was recognized as 2024 Cyber Defense Magazine Hot Company in Zero Trust Platform category and 2017 Gartner Cool Vendor.

How it works

The platform provides three core capabilities across a unified solution: OT Secure Remote Access enables sub-30-second connections to mission-critical assets (vs. traditional 7-12 minute connection times), replacing complex jump servers and VPNs; OT Data Streaming enables secure, encrypted real-time data transfer between industrial assets and cloud analytics for predictive maintenance and AI; and OT Threat Monitoring delivers 24/7 SOC protection with anomaly detection, session recording, and SIEM/SOAR integration. The proprietary Moving Target Defense technology continuously mutates attack surfaces by dynamically changing network configurations, IP addresses, and infrastructure in real-time, creating ephemeral, compostable infrastructure that prevents persistent footholds. The platform supports all 65,000+ TCP/IP protocols including SSH, RDP, VNC, and proprietary OT protocols (Modbus, DNP3, BACnet, OPC-UA), with OTFusion capability unifying fragmented OT DMZ architectures to reduce operational complexity by 30%.

Credentials and traction

Dispel Zero Trust Engine holds SOC 2 Type II and ISO 27001 certification. Dispel was named a Gartner Cool Vendor in Cyber-Physical Systems Security, 2025, and is listed as a Representative Vendor in the 2026 Gartner Market Guide for Cyber-Physical Systems Secure Remote Access. The company also received a 2026 Global InfoSec Award for Hot Company in Secure Remote Access. Dispel secures remote access across electric utilities, water and wastewater, oil and gas, manufacturing, defense, and federal agencies.

Key Capabilities

mapped to solution categories
OT Secure Remote Access (SRA)

Manages third-party vendor remote access sessions with just-in-time provisioning, time-limited credentials, and session approval workflows, replacing always-on VPN access to OT networks.

Analyzes OT protocol commands within remote sessions, alerting on commands outside the authorized scope (e.g., firmware upload when only monitoring access was approved).

Records all remote sessions with full protocol-level capture for forensic review and regulatory compliance, without introducing latency that would affect OT system operation.

Provides secure remote access to OT environments with no internet connectivity using a data diode-compatible or hardware broker architecture, without requiring an internet-connected OT network.

Zero Trust Network Access (ZTNA)

Checks endpoint health (OS patch level, EDR presence, disk encryption, certificate validity) at each access request, enforcing minimum device security standards before granting application access.

Re-evaluates user and device trust signals throughout an active session, revoking or stepping down access when anomalous behavior is detected, not just at authentication time.

Grants access to individual named applications rather than network segments, users and devices can only reach explicitly authorized applications regardless of network position.

Provides access to browser-based internal applications through a reverse proxy without requiring a device agent, enabling secure access from unmanaged or contractor devices.

Routes web application access through a remote or local isolated browser to prevent malicious content on application pages from reaching the endpoint.

Operational Technology (OT) Security

Classifies discovered assets and traffic flows into Purdue Model levels (Level 0-4), supporting IEC 62443 zone and conduit documentation and compliance assessment.

Forwards enriched OT security alerts into enterprise SIEM and SOAR platforms with OT-specific context, enabling unified SOC operations without requiring OT-specialized analysts.

Compliance

certifications
ISO 27001SOC 2 Type II

Integrations

compatible tools
Amazon Web ServicesArmisCisco ISECrowdStrikeDragosElastic StackForescoutGoogle ChronicleGoogle Cloud PlatformHashicorp VaultIBM QRadarMicrosoft Active DirectoryMicrosoft AzureMicrosoft EntraMicrosoft SentinelNozomi NetworksOktaPingIdentityRapid7SentinelOneServiceNowSplunkTXOne

Implementation & support

Deployment model
CloudHybridOn-PremisesPrivate CloudSaaS
Pricing structure
Custom / EnterpriseFree Trial
Support channels
24/7 SupportDocumentationEmail SupportLive ChatTechnical Account Manager (TAM)Ticketing PortalTraining / Academy

Info last updated on May 28, 2026

Vendors

Is this your product?

Claim your profile to connect with the teams looking for your solutions.

Security Stack Logo

The curated research platform for enterprise cybersecurity solutions.

All product and company names, logos, and brands are property of their respective owners and are used on this website for identification purposes only. Security Stack does not endorse any vendor, product, or service listed, and makes no warranties, express or implied, as to the accuracy or completeness of this content, including any warranties of merchantability or fitness for a particular purpose.

© 2026 Security Stack. All rights reserved.