IT-based vulnerability detection solutions often miss more OT vulnerabilities than they detect – or they generate an unmanageable flood of false positives, wasting your already over-stretched cyber resources.

This webinar aims to show how decades of OT product naming inconsistency limit the ability of traditional vulnerability tools to determine which of your assets are affected by a vulnerability – or the reverse: which vulnerabilities you need to worry about.

We’ll explain the difference between CPEs, CVEs, and CWEs and provide real-world examples of naming issues that undermine the usefulness of these resources. We’ll provide a primer on Software Bill of Materials (SBOMs) and discuss how enhanced SBOMs build the links between products, vulnerabilities, risks, and asset inventories.

We’ll also touch on how to use those links to get the most out of your investments or to secure the assets that are harder to replace. We’ll close with three takeaways to help you enhance your OT vulnerability management and risk monitoring.

 

Related resources

Press Release

Verve and aDolus Partner for Endpoint Cybersecurity Solution

The Verve Security Center continues to deliver the most innovative capabilities to its clients in a single, easy-to-use platform and aDolus’ FACT platform is the latest in Verve’s ability to both simplify and improve their client’s risk management.

Learn More
Blog

Embedded OT Vulnerabilities: An Asset Owner Perspective

What should asset owners be aware of with embedded OT systems and buried vulnerabilities, and what remediation tactics are available?

Learn More
Whitepaper

2020 ICS Advisory Report

A vulnerability review for 2019/2020. This document was performed as a summary piece highlighting the last two years of ICS advisories in an in-depth way.

Learn More

Subscribe to stay in the loop

Subscribe now to receive the latest OT cyber security expertise, trends and best practices to protect your industrial systems.