In the world of Operational Technology (OT), we find several orders of magnitudes more vulnerabilities than in IT. Therefore, vulnerability identification and management becomes a much more challenging task that requires a dedicated tool. Vulnerability matching is one important function of our OTbase OT asset management system, and it works quite differently from what you know from corresponding IT products. In a recent video tutorial, we demonstrated how OTbase Asset Inventory matches Common Vulnerabilities and Exposures (CVE) data to devices in your installed base.
CVE Matching: A Proactive Approach to OT Security
OTbase Asset Inventory takes a proactive approach to OT security. It downloads the latest CVE data daily and displays it on the events page. This feature ensures you are always up-to-date with the latest vulnerabilities that affect your devices.
The major difference to IT vulnerability scanners is that in OTbase, you never need to initiate a vulnerability scan by clicking a button or something, resulting in several hours-long operations that include megabytes of network crawling.
OTbase constantly matches your installed products, including all installed libraries and patches, firmware versions, etc. against the latest set of known vulnerabilities without triggering a “vulnerability scan”.
This process happens in the background so you don’t notice anything other than an ever-green and up-to-date list of CVEs that warrant a closer look.
The system color-codes the list of CVEs that affect your installed base, with the darker colors indicating more severe vulnerabilities. Clicking on a CVE brings up the vulnerability profile, where you can learn more about the vulnerability from the description. OTbase also supplies relevant links to NIST to view CPE information.
Remediation Recommendations and Device Matching
OTbase Asset Inventory doesn’t stop at identifying vulnerabilities. It also provides links to remediation recommendations in some instances. These recommendations can guide you to patches and versioning updates from the manufacturer, helping you address vulnerabilities effectively.
But the real game-changer lies in the Devices section. OTbase Asset Inventory displays all the devices in your installed base affected by a particular vulnerability, along with the reason why it was matched up to this vulnerability. This feature allows you to see the full magnitude of the potential risk and where you can start your remediation efforts.
With OTbase Asset Inventory, you’re not just informed about potential vulnerabilities; you’re given the tools to address them proactively. Check out the full video tutorial to see these features in action.
Stay tuned for our next blog post, where we’ll explore the fastest way to find OT device, network, and system documentation using OTbase Quick Search.