Vulnerability management in integrated IT-OT systems has historically been time-consuming and potentially risky to the operational reliability of fragile OT systems. As a result, assessments are often compiled manually from sampled data, manual walk-downs and configuration reviews, and are done on a one-time or infrequent basis. Moving from assessment to remediation often requires a lengthy process of deploying appropriate tools, gathering additional data for network segmentation design, and/or manually patching distributed devices.

To date, vulnerability management has been an inefficient and expensive exercise, often completed only on an infrequent basis.

Cyber security solutions have emerged that provide some automated asset visibility, using SPAN ports and taps deployed on network switches to capture network communications that can indicate which assets are connected to the network. These solutions, however, are expensive to deploy, often miss a significant range of devices at lower layers of the network, and do not gather the full software and configuration inventory necessary to do the same level of vulnerability analysis offered on IT assets. Further, remediation has been left to separate tools or manual exercises.

Since 2016, Verve Industrial has worked with clients to deploy a different approach to asset visibility that we call “closed-loop” vulnerability management.  The “closed-loop” methodology uses Verve’s proven agent-agentless cyber security platform to gather deep inventory on all assets without the need for network taps or spans – or any hardware at all.  It produces a 360-degree assessment on assets, networks, access control, defensive compensating controls, etc. to enable a risk-rated set of vulnerability priorities.

This is integrated with Verve’s remediation capabilities, which “close the loop” on prioritized vulnerabilities by enabling automated patch management, hardening of configuration settings, narrowing of access controls, etc. Finally, it provides automated auditing through a central reporting function across all IT and OT assets at multiple geographic sites.

Benefits of closed-loop vulnerability management are:

  • Deeper vulnerability assessment
  • Lower cost assessment and remediation
  • Real-time visibility to new vulnerabilities
  • Faster time-to-remediation with integrated assessment and remediation in the same platform
