Vulnerability management in integrated IT-OT systems has historically been time-consuming and potentially risky to the operational reliability of fragile OT systems. As a result, assessments are often compiled manually from sampled data, manual walk-downs and configuration reviews, and are done on a one-time or infrequent basis. Moving from assessment to remediation often requires a lengthy process of deploying appropriate tools, gathering additional data for network segmentation design, and/or manually patching distributed devices.

To date, it has been an inefficient and expensive exercise, often completed only on an infrequent basis.

Cyber security solutions have emerged to provide some automated asset visibility using SPAN ports and taps deployed on network switches to gather network communications that can indicate assets connected to the network. These solutions, however, are expensive to deploy, often miss a significant range of devices that sit at lower layers of the network, and do not gather the full software and configuration inventory necessary to do the same level of vulnerability analysis offered on IT assets. Further, remediation has been left to separate tools or manual exercises.

Since 2016, Verve Industrial has worked with clients to deploy a different approach to asset visibility that we call “closed-loop” vulnerability management.  The “closed-loop” methodology uses Verve’s proven agent-agentless cyber security platform to gather deep inventory on all assets without the need for network taps or spans – or any hardware at all.  It produces a 360-degree assessment on assets, networks, access control, defensive compensating controls, etc. to enable a risk-rated set of vulnerability priorities.

This is integrated with Verve’s remediation capabilities, which “close the loop” on prioritized vulnerabilities by enabling automated patch management, hardening of configuration settings, narrowing of access controls, etc. Finally, it provides automated auditing through a central reporting function across all IT and OT assets across multiple geographic sites.

Benefits of closed-loop vulnerability management are:

  • Deeper vulnerability assessment
  • Lower cost assessment and remediation
  • Real-time visibility to new vulnerabilities
  • Faster time-to-remediation with integrated assessment and remediation in the same platform
