From its inception, Verve Security Center (VSC) has focused on simplifying the integration of IT and OT cybersecurity. With the introduction of the industry’s first open orchestration platform a decade ago, Verve Industrial extended best-in-breed IT solutions into the OT environment. Since then, customers deploy VSC to protect and manage hundreds of locations and tens of thousands of assets.
Verve’s heritage is built on its quarter century of industrial controls engineering history. Our basic principle is that operators need to apply the same rigor to managing security in OT as they do in IT. They shouldn’t have to settle for partial, ill-fitting, expensive or manual solutions.
OT IT Asset Management
Operators should gain asset visibility without the need for expensive and time-consuming deployments of span ports and taps. Beyond monitoring, they should remediate and act to protect their systems from the same platform, rather than solely identifying vulnerabilities or threats.
Prioritizing Cyber Threats
OT operations should prioritize their cyber risks using a platform that integrates not only vulnerabilities, but also a comprehensive view of the compensating controls (such as application whitelisting or firewalls), as well as the criticality of that asset to the overall process. Not all assets in the OT space are created equally. In many cases, the raw risk is not reflective of the asset criticality, its likelihood for exploitation, or the ROI of remediation based on risk profile.
Think Global, Act Local
Operations should have a central team to identify key threats and vulnerabilities and design specific actions. Allowing OT experts local to the target systems to have control over those actions to address the sensitive, real-time element of OT environments is also important. We call this thinking globally, but acting locally.
VSC Version 7.0 builds off Verve’s core differentiators of lower cost, faster-time-to discovery and remediation, ease-of-use, and IT-OT integration with a focus on “closed-loop” vulnerability management. Specifically, v7.0 includes:
- 360-degree vulnerability visibility: enable view of gaps in defense-in-depth across missing patches, insecure configurations, weak access control policies, presence of AV and its signature recency, engagement of Application Whitelisting, network architecture and detailed firewall and switch ACLs and configurations to assess segmentation, etc.
- Vulnerability prioritization based not only on CVE/CVSS, but also compensating controls, asset criticality, and backup status- all using Verve’s 360-degree asset visibility
- Dozens of additional “closed-loop” remediation actions including: configuration compliance, password deployment, unnecessary software removal, etc.
- Enhancements to Verve’s “Think Globally, Act Locally” architecture with hundreds of additional central analysis and reporting dashboards integrating current vulnerability status and remediation progress with specific remediation actions
- Low-cost log and flow analysis to help identify existing threats as well as reduce the costs and time duration of network segmentation design
- Integration of more OT data such as DCS/SCADA alarms and asset performance data to provide greater operational visibility as well as improved incident response.
These additional cybersecurity software features build on the foundation of Verve’s 100% software-based solution which deploys in minutes without the need for span-ports, taps or other hardware.
The rapid visibility into all risks within a platform to not only detect, but also respond and remediate in a prioritized way significantly reduces cost and time to secure facilities. It also significantly improves the cost effectiveness of maintain their security maturity once it has been achieved.