Kaspersky has introduced a machine-readable Open Vulnerability and Assessment Language data feed for the automated detection of vulnerabilities in operational technology software.
This is then analysed and updated by Kaspersky experts, who will provide instructions for mitigation. The feed is delivered in XML format for integration with vulnerability management solutions that support the OVAL standard. OVAL for Windows applies the feed’s specifications dedicated to the standardised transfer of vulnerability information across various security tools and services. It helps industrial organisations enhance vulnerability detection and assessment of SCADA and other OT software.
The feed covers products from the world’s top vendors such as Siemens, Schneider Electric, Yokogawa, Emerson and others. It provides detailed information about detected flaws, including their description, affected software name and versions, severity score and metrics, and it recommends measures for mitigation.