OT-BASE includes various options for vulnerability management, the most important of which are explained in this section. Note that for the following discussion it is assumed that Asset Center is configured properly to automatically import vulnerability definitions, and Microsoft patch data.
Within Asset Center, the following functions are available for assisting you in vulnerability management:
- See a list of all CVEs that affect your installed base (CVE list). This list can be filtered to only cover a specific site or network, only vulnerabilities of a certain priority or publication date, and so on.
- See a list of vulnerable devices, sorted by their risk score (device list).
- See a list of installed software products, sorted by their vulnerability score.
- See a chart indicating how vulnerabilities change over time, and in respect to patch cycles.
You will also see vulnerability information in device profiles and product profiles.
There are additional add-ons to Asset Center that assist in vulnerability management:
- The OT-BASE Splunk Technical Add-On allows you to perform vulnerability analysis of your OT asset data in Splunk
- The OT-BASE Vantage dashboard allows you to analyze your vulnerability data interactively, using different chart types.