PAS is pleased to announce the release of Cyber Integrity™ v6.0.0.
Cyber Integrity v6.0.0 provides new continuous ICS vulnerability management capabilities for complex, multi-vendor industrial facilities. This version also provides usability and responsiveness enhancements in several areas.
New capabilities include:
- Automated vulnerability assessment: Automatically compares the latest vulnerability information from the National Vulnerability Database (NVD) from US-CERT with the normalized automation system inventory Cyber Integrity stores to determine if OT assets have vulnerabilities that may put production systems at risk. Cyber Integrity also provides on-demand vulnerability assessment queries that run against the Cyber Integrity inventory of managed assets for quick assessment of control system vulnerabilities and cyber risk exposure. The new built-in displays are flexible; you can display all vulnerabilities across your entire environment, or you can quickly filter to display vulnerabilities by plant, unit, area/zone, or individual asset. Results include the NVD Common Vulnerability Scoring System (CVSS) risk rating for each vulnerability. The CVSS risk rating provides an open framework for communicating the characteristics and impacts of IT vulnerabilities, and can be used to prioritize vulnerability remediation and mitigation activities.
- Remediation and mitigation workflows: Obtain continuous visibility into the state of current vulnerability investigation efforts. Define vulnerability remediation and mitigation workflows to ensure consistent remediation activity tracking and reporting. Identify if vulnerability management activities for specific assets, plants, or units need additional attention or support to ensure timely protection of industrial assets from internal and external threat actors.
- Closed-loop patch management: Compare patch information from Microsoft against ICS endpoints in industrial facilities. Combine this information with bulletins received from automation system vendors to obtain a centralized, unified view into current patch levels across all managed cyber assets. Utilize patch management workflows to efficiently patch systems while protecting production safety and reliability during the patch implementation process.
- Vulnerability dashboards and trend views: Provide customizable vulnerability dashboards to ensure asset owners, plant staff, unit managers, OT and IT cybersecurity professionals, and the executive leadership team all have visibility into the vulnerability data and trends to make informed vulnerability remediation and cyber risk management decisions.
- Usability and performance enhancements: Controls used on several windows were changed to deliver information more effectively. Database activities were also streamlined to deliver faster processing and response times.
For additional information, including a list of defects and customer enhancement requests addressed in this release, see the Release Notes. To acquire the software, please contact Technical Support at RapidSupport@PAS.com. To view the latest information about all Cyber Integrity/DOC4000 releases, see the Technical Updates page.