The Cybersecurity Excellence Awards is an annual competition honoring products, companies, and individuals that demonstrate excellence, innovation and leadership in information security.
In 2020, Verve Industrial Protection’s Verve Security Center (VSC) was nominated for four cyber security product and service awards in the categories of ICS/SCADA, Integrated Risk Management, Security Management and Vulnerability Management.
Verve Industrial is pleased to announce the Verve Security Center received four Gold Awards in the ICS/SCADA, Integrated Risk Management, Security Management and Vulnerability Management categories.
Verve Industrial has 25 years of experience as an IT/OT reliability and security company. The company’s flagship product, the Verve Security Center, is a comprehensive IT/OT security management platform. It brings together all of the required elements of NIST CSF (as well as other standards such as CSC20, IEC62443, etc.) into a single pane of glass. It includes automated asset inventory, patch management, change management, vulnerability assessment, configuration compliance, application whitelisting, log management and anomaly detection, and incident response analysis.
Over 60% of cyber security labor is in the operations and maintenance functions to ensure security is controlled and managed on current and new systems. This challenge is hard enough in IT, but as cyber security extends into OT systems, either traditional industrial controls like SCADA or HMIs, etc. or newer IOT deployments, security management challenges increase dramatically. Operational Technology has historically been unmanaged and basic asset inventory is often unavailable.
Verve Industrial addresses this challenge by providing a single management platform for both IT and OT systems. As a software-only solution, it deploys quickly and inexpensively in comparison to alternative ICS solutions. By deploying the only OT-proven agent-based architecture, VSC allows operators to detect vulnerabilities and threats, while also remediating them quickly and safely. This architecture provides the first comprehensive solution of its kind for integrated IT/OT cybersecurity. VSC is proven successful on dozens of deployments in industries ranging from power generation and transmission to pharmaceuticals, pipelines, and discrete manufacturing.
ICS SCADA in OT Cybersecurity
The VSC offers faster deployment at a lower cost because the software-based architecture, leveraging an agent/agentless approach, negates the need for expensive taps/span ports and additional hardware required by passive anomaly detection solutions.
Verve Security Center is unique from other ICS cybersecurity solutions due to integrated remediation of endpoints in the network. Competitors in the OT cybersecurity market offer solutions that stop either at detection or with a link to certain firewalls. VSC's OT-proven agent-based solution allows for rapid remediation of vulnerabilities and threats from the same platform that is used to discover and assess those vulnerabilities, offering a "closed-loop" solution.
Verve Industrial combines its cybersecurity platform with deep ICS/OT experienced engineers because industrial organizations’ biggest challenge is skilled OT cyber personnel. Verve does not outsource this key component but combines the power of man and machine to provide customers with a turnkey solution.
Integrated Risk Management in OT Cybersecurity
The Verve Security Center differentiates itself from other cybersecurity solutions on the market with the integrated remediation actions to secure endpoints in the network.
In addition, VSC was awarded for its comprehensive visibility for deep asset inventory for detailed asset profiles. The vendor-agnostic solution operates effectively for all IT and OT equipment, including workstations, servers, HMIs, networking, PLCs, and IEDs.
From a security event management standpoint, the open platform permits integration with all endpoint, network, and process sensor data into a robust machine learning engine.
Security Management in OT Cybersecurity
Verve Security Center is the only cybersecurity solution offering best-in-class IT/OT integration for all IT systems (Windows, Linux, networking equipment, etc.) as well as OT (PLCs, relays, IOT gateways, etc.). This allows clients to use the same security management platform across their entire infrastructure, rather than split IT and OT into separate toolsets.
The robust reporting engine brings together all of the underlying management information (inventory, configuration, and changes, patching, vulnerability assessments, threat intel, etc.) across servers and workstations, networking equipment, IOT, and embedded OT devices, into a single pane of glass. This offers reporting, detection, and actioning of remediation in one place for an easy-to-use user experience.
Vulnerability Management in OT Cybersecurity
Verve’s proven vendor-agnostic agent and agentless service allows for a rich software asset inventory. It gathers full detail on OS, application software, firmware, patch status, configurations, etc. by leveraging existing protocols and communications to gather information from endpoints rather than trying to interpret from communication packet analysis.
For vulnerability analysis on OS devices, VSC customized best-in-class scanners such as Tenable and Rapid 7/Nexpose for ICS environments. For embedded devices, Verve compares against multiple vulnerability databases and reviews underlying components against an array of potential hidden vulnerabilities.
Vulnerability remediation services are also accessible. A regular monthly review of patches and potential software vulnerabilities, integrated patch deployment or software removal is handled by the Verve Security Center, and the option for onsite cross-vendor deployment support is readily available as well.
"We are proud of our development team for the great work in building the only true endpoint management platform for OT,” said John Livingston, CEO of Verve Industrial Protection. “VSC is recognized as a leader by our users because it provides closed-loop vulnerability management in OT. From automated asset discovery and inventory to patching and configuration hardening, it is all executed in a single platform. It is lower cost, faster time to remediation, and truly safe for all vendor systems."
Verve Industrial continues to strive to create an OT-safe cybersecurity solution that simplifies the complex elements of OT systems security and management. If you are interested in improving your cybersecurity maturity with demonstrated progress in real-time, please contact us to get started on your cybersecurity journey today.