Detecting Attacks on Historian Servers When to Use - When monitoring historian servers that bridge IT and OT networks for compromise indicators - When detecting unauthorized queries or data manipulation in process historian databases - When investigating lateral movement through historian servers between IT and OT zones - When responding to alerts about exploitation of historian-specific vulnerabilities (CVE-2025-0921) - When validating historian data integrity after a suspected OT security incident Do not use for general database security monitoring (see database security skills), for histor…