For the third year running, Verve Industrial Protection was nominated for many best product and/or service awards in the annual Cybersecurity Excellence Awards. In 2021, Verve was nominated in the categories of critical infrastructure, patch and configuration management, ICS/SCADA, integrated risk management, security management, and vulnerability management. We are honored to receive four gold awards and two silver awards and to be recognized as a leading cyber security product or service across all six categories.
The Cybersecurity Excellence Awards annually honor individuals and companies that demonstrate excellence, innovation, and leadership in information security. In the 2020 Cybersecurity Excellence Awards, Verve Industrial received four gold awards in the categories of ICS/SCADA, integrated risk management, security management, and vulnerability management. In the 2019 Awards, Verve won the silver award for the categories of ICS/SCADA and security management.
“We are pleased to be recognized as the best cyber security product on the market for various needs,” says John Livingston, CEO of Verve Industrial. “We strive to continually improve the Verve Security Center’s (VSC) capabilities to serve our customers’ OT/ICS cyber security needs. The increased number of nominations each year and improvement from silver to gold recognition speaks to the platform’s advancement.”
The Verve Security Center was built leveraging our 25+ years of ICS/OT experience. We built the first OT/ICS cybersecurity platform that integrates a comprehensive suite of protection and defense to reduce cost and simplify industrial operations. See what differentiates Verve from other cyber security products and services.
Best Cybersecurity Product for Critical Infrastructure – Verve’s nomination here
Deep and Wide Asset Risk Visibility
The Verve Security Center empowers OT operations in critical infrastructure organizations to see deep into OT/ICS networks without the need for hardware or traffic to capture rich asset details – from patch and vulnerability status to dormant users, configurations, and insecure network connections. With this information, customers can develop a 360-degree risk score that prioritizes risks to assess and remediate vulnerabilities.
Integrated Remediation/Response Platform
Verve’s innovative approach to critical infrastructure brings all five elements of the NIST CSF into one solution to identify, protect, detect, respond, and recover from one platform. This expedites time to remediation and instills confidence that operations are secure and reliable.
OT Industry Expertise
With more than 25 years of experience supporting critical infrastructure industries through ICS services and OT expertise, Verve has “been there, done that.” The company’s team comprises knowledgeable OT experts who have first-hand experience in critical infrastructure processes and systems, and act as a partner throughout clients’ cyber security maturity journeys.
Best Cybersecurity Product for Patch & Configuration Management – Verve’s nomination here
Rich Asset Inventory for Patch Identification
Verve Security Center provides visibility into 100% of connected assets. Through a combination of best-in-class tools for agent-based systems and a proprietary Agentless Device Interface (ADI), clients can inventory and monitor all assets in their OT/ICS network. Notably, Verve’s 100% software-based approach delivers this visibility without requiring expensive taps or other hardware collectors.
Integrated Patch Deployment/Application
Verve Security Center also automates the deployment (or application) of patches into OT environments. Verve leverages 25+ years of vendor-agnostic experience in industrial controls to build an OT-safe patching solution. The Verve Security Center patching module allows users to build baselines for patches that are approved and unapproved and use baselines to reflect those approved by a specific vendor. Once this baseline is established, Verve dashboards are filtered to report on only those patches that have been approved, eliminating the complexity of manually recalling which patches should and should not be deployed. Then the operator can choose to execute those selected patches in an automated fashion, rather than depending on manual processes or unreliable tools such as WSUS.
Centralized Reporting and Compliance
One of the more tedious regulatory and managerial tasks related to patch management is the requirement to baseline systems before and after patch application. Any baseline changes need to be captured and entered into corporate change management workflows to secure the new configuration and maintain compliance. Verve Security Center automates baseline configuration automatically flagging any changes to target systems. Moreover, Verve’s ADI inventories proprietary systems that constitute up to 75% of all assets, gathering and confirming that patch updates have been deployed on networking, relays, PLCs, and other embedded devices. Importantly, this patching tool allows customers to run a baseline after an update and confirm the latest version is installed.
Best Cybersecurity Product/Service for ICS/SCADA – Verve’s nomination here
Faster Deployment and Lower Cost
Version 8.0 of the Verve Security Center introduces “Verve-in-the-cloud” to further reduce the time and cost of deployment, leveraging a software-based approach. Unlike passive solutions, there is no need for expensive taps/span ports or additional hardware.
Verve Security Center is unique from other ICS cyber security solutions because of its integrated ability to remediate the endpoints in the network. Underscoring their limitations, Verve’s competitors stop either at detection or with a link to certain firewalls. OT-proven and agent-based, Verve Security Center enables rapid remediation of vulnerabilities and threats from the same platform that is used to discover and assess those vulnerabilities delivering a “closed-loop” solution.
Arguably, the biggest challenge for customers is (the lack of) skilled OT cyber personnel. Rather than outsource this critical component, Verve combines its platform with deeply experienced OT/ICS engineers. As such, Verve combines the power of “human and machine,” offering clients a turnkey solution.
Best Cybersecurity Product for Integrated Risk Management – Verve’s nomination here
Verve is the only ICS cyber security solution that offers an integrated ability to remediate the endpoints in the network. Underscoring their limitations, other solutions stop either at detection or with a link to certain firewalls. OT-proven and agent-based, Verve Security Center solution enable rapid remediation of vulnerabilities and threats from the same platform that is used to discover and assess those vulnerabilities, delivering a “closed-loop” solution.
Verve offers vendor-agnostic solutions for all IT and OT equipment (Workstations, Servers, HMIs, Networking, PLCs, IEDs, etc.) through the integration of third-party tools and its agent/agentless approach that provides the deepest risk visibility on the market.
360-Degree Risk Prioritization
Verve’s 360-degree risk scoring takes more factors into consideration than other offerings, including an asset’s technical details, third-party tool information, and meta-data. Technical details include patch status; software vulnerabilities; endpoint configurations; 100% software inventory; dormant, admin, and shared account risks; password settings; risky ports; network protections; log data on devices; and user behavior. Third-party tools provide information such as the status of antivirus signatures, application whitelisting controls, and backups. Meta-data or internal expert knowledge combines an asset’s operational criticality, location, owner, system grouping, and regulatory environment.
Best Cybersecurity Product for Security Management – Verve’s nomination here
Verve is the only solution offering a best-in-class solution for all IT systems (Windows, Linux, networking equipment, etc.) as well as OT systems (PLCs, relays, IoT gateways, etc.). This allows clients to use the same security management platform across their entire infrastructure rather than split IT and OT into separate toolsets, a concept we call OT Systems Management. A 360-degree view brings IT and OT data together to prioritize risks in ICS/OT environments. It improves the efficiency and effectiveness of risk management, so companies know where their greatest risks lie. Version 8.0 of the Verve Security Center aligns IT/OT security management and quickly identifies risks to protect OT environments.
Ease of Use
Given today’s evolving threat landscape, it is an overwhelming task to keep up with the thousands of threats barraging an OT environment every day. Although independent companies work tirelessly to defend against large and powerful nation-state attacks from foreign associations, they can only do so much. Version 8.0 of the Verve Security Center significantly enhances the ease of use, depth of insight, and speed to remediation of cyber risks for industrial control systems.
Best Cybersecurity Product for Vulnerability Management – Verve’s nomination here
Rich Software Asset Inventory
Verve Security Center provides visibility into 100% of connected assets. The proven, vendor-agnostic agent and agentless platform gathers full detail on OS, application software, firmware, patch status, configurations, etc. Verve leverages existing protocols and communications to gather information from endpoints rather than trying to interpret from communication packet analysis.
Verve Security Center generates scoring risks based on asset criticality, the potential for exploitation and impact, and most importantly, the potential impact on process or safety. Verve’s 360-degree risk scoring takes more factors into consideration than other offerings, including an asset’s technical details, third-party tool information, and meta-data. Technical details include patch status; software vulnerabilities; endpoint configurations; 100% software inventory; dormant, admin, and shared account risks; password settings; risky ports; network protections; log data on devices; and user behavior. Third-party tools provide information such as the status of antivirus signatures, application whitelisting controls, and backups. Meta-data or internal expert knowledge combines an asset’s operational criticality, location, owner, system grouping, and regulatory environment.
Verve provides a regular monthly review of patches and potential software vulnerabilities, integrated patch deployment, or software removal with Verve Security Center, and offers onsite cross-vendor deployment support to demonstrate security progress and maturity.