Kaspersky has introduced a machine-readable Open Vulnerability and Assessment Language (OVAL) data feed for the automated detection of vulnerabilities in operational technology (OT) software.
The solution aims to deliver comprehensive intelligence about vulnerabilities in most popular supervisory control and data acquisition (SCADA) and distributed control systems (DCS) based on data from multiple sources.
This is then analysed and updated by Kaspersky experts, who will provide instructions for mitigation. The feed is delivered in XML format for integration with vulnerability management solutions that support the OVAL standard.
According to the security giant, the number of vulnerabilities discovered in industrial automation software is substantial and raises concern. OVAL for Windows applies the feed’s specifications dedicated to the standardised transfer of vulnerability information across various security tools and services. It helps industrial organisations enhance vulnerability detection and assessment of SCADA and other OT software.
It is also integrated into a customer’s industrial vulnerability management solution and can be used with open-source OVAL interpreters.
The feed covers products from the world’s top vendors such as Siemens, Schneider Electric, Yokogawa, Emerson and others. It provides detailed information about detected flaws, including their description, affected software name and versions, severity score and metrics, and it recommends measures for mitigation.
Kaspersky’s ICS CERT experts collect data and build their intelligence about vulnerabilities through continuous monitoring of third-party sources, such as MITRE, national vulnerability databases US-CERT, vendors, and communities, and conducts its own research too.
The team analyses all the data and tests it against possible errors that may affect correct detection and assessment. The mitigation measures they provide for vulnerabilities are based on their experience in OT threat protection and SCADA vendor’s recommendations.
Share