Learn how Product Assessments can illuminate security and compliance risks for in-use and prospective IT/OT products.
It is of utmost importance that organizations possess an understanding of how hardware and software components of the products they use can impact regulatory requirements, security, and compliance for their organization. Information Technology (IT) and Operational Technology (OT) vendors and their end-use critical infrastructure organizations can now understand how their ‘crown jewel’ IT and OT assets are protected.
Learn how critical infrastructure technology can be illuminated by an understanding of product security controls, SBOMs, HBOMs, VEX (Vulnerability Exploitability Exchange information) and related vulnerability information, any data analytics, provenance and origins of components and how it can help asset owners mitigate risk for critical infrastructure assets.
In this webinar, you will gain an understanding of....
- Product security controls assessments aligned to various regulatory and industry standard frameworks (i.e., NIST, NERC CIP, ISA/IEC 62443, etc.)
- Leveraging SBOMs, HBOMs, the status of all components via VEX and vulnerability databases, and utilizing MITRE ATT&CK and other frameworks, next to data analytics, to help prioritize
- Recommendations on how to configure an asset when the default state of a product is not deemed compliant or sufficient to meet security objectives
- Product vulnerabilities, risks and how the timeliness for addressing those vulnerabilities and risks by the manufacturer could impact compliance and risk for your organization