Vulnerability management in integrated IT-OT systems has historically been time consuming and potentially risky to the operational reliability of fragile OT systems. As a result, assessments are often manually compiled using sampling of data, manual walk-downs and configuration reviews, and done on a one-time or infrequent basis. Moving from assessment to remediation often requires a lengthy process of deploying appropriate tools, gathering additional data for network segmentation design, and/or manually patching distributed devices.
To date, it has been an inefficient and expensive exercise often only completed on an infrequent basis.
Cyber security solutions have emerged to provide some automated asset visibility using span ports and taps deployed on network switches to gather network communications that can indicate assets connected to the network. These solutions, however, are expensive to deploy, often miss a significant range of devices which are at lower layers of the network, and do not gather full software and configuration inventory necessary to do the same level of vulnerability analysis offered on IT assets. Further, remediation has been left to separate tools or manual exercises.
Since 2016, Verve Industrial has worked with clients to deploy a different approach to asset visibility that we call "closed-loop" vulnerability management. The "closed-loop" methodology uses Verve's proven agent-agentless cyber security platform to gather deep inventory on all assets without the need for network taps or spans - or any hardware at all. It produces a 360-degree assessment on assets, networks, access control, defensive compensating controls, etc. to enable a risk-rated set of vulnerability priorities.
This is integrated with Verve's remediation capabilities which "closes the loop" on prioritized vulnerabilities by enabling automated patch management, hardening of configuration settings, narrowing of access controls, etc. Finally, it provides automated auditing through central reporting function across all IT and OT assets across multiple geographic sites.
Benefits of closed-loop vulnerability management are:
- Deeper vulnerability assessment
- Lower cost assessment and remediation
- Real-time visibility to new vulnerabilities
- Faster-time-to-remediation with integrated assessment and remediation in the same platform
Download our solution brief for more information: