More threat intelligence for industry: Kaspersky introduces new data feed for detecting vulnerabilities in SCADA and control systems. The feed contains damage control guides. It is delivered in XML format and integrates with vulnerability management solutions.
Kaspersky now offers a machine-readable Open Vulnerability and Assessment Language (OVAL) data feed for the automatic detection of vulnerabilities in operational technology (OT) software. Kaspersky Industrial OVAL Data Feed for Windows provides comprehensive information about vulnerabilities in the most popular SCADA and Distributed Control Systems (DCS) based on data from various sources, analyzed and updated by Kaspersky experts. The feed also offers damage control guides. It is delivered in XML format and can be integrated with vulnerability management solutions that support the OVAL standard.
Information for vulnerability management solutions
Weaknesses are found again and again in industrial automation software. Currently contains the National Vulnerability Database (NVD) Thousands of known vulnerabilities in common software used in automation, manufacturing execution, and distributed control systems. Other known vulnerabilities in various industrial software solutions are also listed there.
Kaspersky Industrial OVAL Data Feed for Windows applies the OVAL specifications for standardized transmission of vulnerability information between different security tools and services. In doing so, he helps industrial companies to optimize the vulnerability detection and assessment of SCADA and other OT software.
Open source OVAL interpreter ready
The feed is integrated into the customer's industrial vulnerability management solution and can be used with open source OVAL interpreters. This provides detailed information about detected vulnerabilities such as description, name and versions of the affected software, severity and metric (CVSS). Damage limitation measures are also provided. The feed covers products from the world's leading manufacturers such as Siemens, Schneider Electric, Yokogawa and Emerson. More will be added as needed by Kaspersky customers.
Data Feed is fed with expertise from Kaspersky ICS CERT
The experts at Kaspersky ICS CERT collect data and expand their expertise on vulnerabilities through continuous monitoring of third-party sources such as MITRE, National Vulnerability Database (NVD), US-CERT, providers and communities, but also through their own research. The team carefully analyzes all data and checks for possible errors that could affect correct detection and evaluation. The recommended actions are based on the team's experience in protecting against OT threats as well as the recommendations of the respective SCADA vendors.
Use of the OVAL standard
"The OVAL standard is actively used to describe vulnerabilities or suitable system configurations for known software," comments Mikhail Berezin, Head of ICS CERT Products at Kaspersky. “However, the market lacks a comprehensive and high-quality OVAL data source for software used in industrial control systems. Our new feed changes that and provides information for ICS related software. It will help industrial companies improve automated vulnerability assessment while increasing their efficiency. We are happy to be able to demonstrate this in projects with our customers.”
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/