The release of Petya/NotPetya, WannaCry and other Windows-based malware, together with the steady drumbeat of OT-specific firmware vulnerability announcements, drives home the need for a comprehensive vulnerability and patch management program. A successful program has the following elements:
- Detailed asset inventory across all assets in the OT environment – IT/OS-based devices, networking and embedded OT devices.
- Regular review of vulnerability updates and patch releases.
- Efficient and safe deployment of patches, or an integrated compensating control or mitigation plan if patching is not feasible.
In OT environments, the administrative challenges of patching are further complicated by risks, the lack of a standard endpoint inventory, and the lack of aggregated patch availability.
Verve addresses vulnerability/patch management with 4 core features:
- Rich software asset inventory: Verve’s proven vendor-agnostic agent and agentless service gathers full detail on OS, application software, firmware, patch status, configurations, etc. Verve leverages existing protocols and communications to gather information from endpoints rather than interpreting from communication packet analysis.
- Vulnerability analysis: Through our automated asset inventory created by agent and agentless data collection, we build robust asset profiles on all OS, networking and embedded assets. The asset database is compared to multiple vulnerability databases and underlying components are reviewed against an array of potential hidden vulnerabilities to provide a real-time view of vulnerabilities.
- Vulnerability remediation service: Regular monthly review of patches and potential software vulnerabilities, integrated patch deployment or software removal with Verve Security Center, and onsite cross-vendor deployment support as necessary.
- Reporting for compliance and monitoring purposes.