The release of Petya/Notpetya, Wannacry and other Windows-based malware and the steady drumbeat of OT-specific firmware vulnerability announcements drive home the point of using a comprehensive vulnerability and patch management program. A successful program has the following elements:
- Detailed asset inventory across all assets in the OT environment – IT/OS-based devices, networking and embedded OT devices.
- Regular review of vulnerability updates and patch releases
- Efficient and safe deployment of patches – or an integrated compensating control or mitigation plan – if patching not feasible.
In OT environment, the administrative challenges of patching are further complicated by risks, lack of standard end point inventory, and lack of aggregated patch availability. Verve addresses vulnerability/patch management with 4 core features:
- Rich software asset inventory: Verve’s proven vendor-agnostic agent and agentless service gathers full detail on OS, application software, firmware, patch status, configurations, etc. Verve does this by leveraging existing protocols and communications to gather information from end points rather than trying to interpret from communication packet analysis.
- Vulnerability analysis: For OS devices, Verve has customized best-in-class scanners such as Tenable and Rapid 7/Nexpose for ICS environments. For embedded devices, Verve compares against multiple vulnerability databases as well as reviewing underlying components against and array of potential hidden vulnerabilities
- Vulnerability remediation service: Regular monthly review of patches and potential software vulnerabilities, integrated patch deployment or software removal with VSC and onsite cross-vendor deployment support as necessary.
- Reporting for compliance and monitoring purposes