Thursday, 26 September 2019 18:48

"Kaspersky lab" has developed a new threat information service for industrial enterprises

Kaspersky Lab introduces a new threat information service for industrial enterprises - Kaspersky ICS Vulnerabilities Database. It will provide access to a constantly updated database of vulnerabilities in automated control systems and industrial Internet of Things devices, as well as the rules and algorithms needed to detect attacks that can be committed by operating them. The new service will help industry to analyze vulnerabilities and manage patches, and detect attempts to exploit vulnerabilities in industrial automation systems. [CNews]

Every year Kaspersky ICS CERT experts find at least 60 vulnerabilities in the components of the industrial Internet of Things and automation systems, the operation of which can affect the operation of hundreds and thousands of products, including the failure of the system or allowing potential intruders access to the management of production assets or key production data.

Enterprises need not only information about the presence of a vulnerability, but also the ability to detect an attempt to operate it to prevent possible attacks. But today 's intrusion detection systems typically contain signatures and rules about predominantly protecting IT assets, which means that many vectors of network attacks target vulnerable components of industrial devices. The Kaspersky ICS Vulnerability Database service will include constantly updated data on the most critical vulnerabilities in widely used industrial products of various vendors - with the necessary technical details. Using this data, enterprises will be able to prioritize and plan important system updates or other actions to reduce the risks of possible vulnerability exploitation by intruders. The data will be provided in a format that is easy to read to both the person and the machine via the REST API. They will be able to integrate into security tools already installed in the enterprise and manually configure the actions necessary to resolve vulnerabilities.

The new service also includes the Network Attacks Signatures Database, which includes signatures of potential industrial cyber threats. This data can be integrated into another vendor 's intrusion detection system to minimize the risk of cyberinflicent in industrial infrastructure.

"Our new one will help make the process of managing vulnerabilities and detecting cyber attacks more effective. Methods such as penetration testing and periodic audit of industrial enterprise security help to draw a picture of the current state of information protection and motivate cybersecurity engineers and experts to take action to improve it. One of the necessary measures, according to the general opinion, will be to debug the process of identification of vulnerabilities and reduction of risks of their operation. Unfortunately, the current public sources of information on vulnerabilities in industrial products are not sufficiently meaningful, lack accuracy and transparency, and are generally weak for the continued effective assessment of vulnerabilities. We believe that analytical data and recommendations provided within the framework of our new service will help to solve this problem, "- said Georgy Shebuldayev, head of Kaspersky Industrial Cybersecury.

Kaspersky ICS Vulnerabilities Database will be available in December 2019.

return_links(); ?>
Заявка на участие в тренинге
Личные данные

ФИО (англ.яз)
Неверный ввод

ФИО (рус.яз)
Неверный ввод

ФИО (каз.яз)
Неверный ввод

Дата рождения
Неверный ввод

Пол
Неверный ввод

Адрес

Страна
Неверный ввод

Город
Неверный ввод

Улица, дом, квартира
Неверный ввод

Почтовый индекс
Неверный ввод

Бизнес информация

Область деятельности
Неверный ввод

Место работы
Неверный ввод

Должность
Неверный ввод

Контактные данные

Мобильный телефон
Неверный ввод

Домашний телефон
Неверный ввод

Рабочий телефон
Неверный ввод

Электронная почта
Неверный ввод

Skype
Неверный ввод

Уровень образования на время заполнения заявки:
Неверный ввод

ОБРАЗОВАНИЕ (1)

Учебное заведение
Неверный ввод

Факультет
Неверный ввод

Специальность
Неверный ввод

Дата окончания
Неверный ввод

Номер диплома
Неверный ввод

Ученая степень

Дата получения
Неверный ввод

Степень
Неверный ввод

Название и номер документа, удостоверяющего получение
Неверный ввод